Report #10669 check_circle

Binary
DLL
False cancel
Size
414.50KB
trid
62.0% Generic CIL Executable
23.4% Win64 Executable
5.5% Win32 Dynamic Link Library
3.8% Win32 Executable
1.7% OS/2 Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
527372f706fac5e144ba15e19e041b34
sha1
ecd1baf090b2245b7b54603e0ef5813abc27ef9b
crc32
0xef1ccf75
sha224
27f1e133a8558c779de1e2bf6c837bd1e1676e0eba1809e7da07f3dc
sha256
3bcfe5cfe8c8cca896bdad3d88024305851027fce85462af8c656b84c1310c49
sha384
39bf47c299a36cf23bf70ccf9546fbf46a5fd7ea4d2b27296056e7150e343a90b08ef32f3b301358c1518dbba045d294
sha512
876328a94d48d7a562110fb41693981ba851bfdcbd7e040526669a0a8edd9e68b047cd3654772ff5e4c7c1247f0e2c2bd500b1f16a23651f583d593556a961c3
ssdeep
12288:9GLwpYIGCXP2H/yJ1DDmT++YOk0jjLTTiV:IiNGW6qJ1DmT+evjL/i
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
NET_executable, contentis_base64, Microsoft_Visual_C_v70_Basic_NET, Microsoft_Visual_Studio_NET_additional, IP, NETDLLMicrosoft, IsNET_EXE, NETexecutableMicrosoft, Microsoft_Visual_C_Basic_NET, Microsoft_Visual_Studio_NET, IsPacked, NET_executable_, domain, IsPE32, Microsoft_Visual_C_v70_Basic_NET_additional, IsWindowsGUI

Suspicious
True check_circle

Strings
List
w.In
System.IO
OOP_RPG.Properties
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
o.Ru
WarriorGame.Equipment
M.tW
j.NG
1.Buy Item
OOP_RPG.Properties.Resources.resources
Skorlar.txt
PhotoDirector.dll
PhotoDirector.dll
PhotoDirector.dll
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
16.0.0.0
suHhR.exe
suHhR.exe
suHhR.exe
OOP_RPG.Properties.Resources
fDa({
get_Speed
set_Speed
HFo'd
.7%6e)
Ot%4o>
, but you are out of guesses.
KNi%iC!<s
ae%c5
%dOH`
VtA%f$
You've encountered a
What you want to sell?
What you want to buy?
3System.Resources.Tools.StronglyTypedResourceBuilder
Congratulation! You won
HeroTurn
You did
RdMO
You got
CheckWin
You win the answer was
was too low
does
defence
System.Windows.Forms
was too high
Aeeeee You don't have enough money
Play this game by trying to guess the random number generated
mscoree.dll
mscoree.dll
$3fc8a1f2-9a2c-4ef9-b111-e9f19f3eab84
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADm
get_ResourceManager
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
c.qocp
between 1-100 by the computer within 10 guesses.
You've been defeated! :( GAME OVER.
shellFromUser
Click "New Game" to try again.
DebuggerBrowsableState
DebuggableAttribute
DebuggableAttribute
DebuggingModes
DebuggingModes
ResourceManager
fD5E
You don't have any portion to re gain HP
BAD_GUY_ARMOUR
BAD_GUY_DAMAGE
has been defeated! You win the battle!
You don't have any weapons to sell
GOOD_GUY_ARMOUR
GOOD_GUY_DAMAGE
You don't have any Armors to sell
You don't have any Potion to sell
OOP_RPG
OOP_RPG
OOP_RPG
OOP_RPG
OOP_RPG
Binder
RandomNum
sure
Sleep
shell
Hide
$35c8a31a-a615-4957-9cea-7bcc3b872e5c
Random

Foremost
Matches
0.exe, 414 KB, 87.png, 368 KB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: False cancel
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

Files
Allowed: PhotoDirector.dll, mscoree.dll
hasFiles: True check_circle
Suspicious: Skorlar.txt
hasAllowed: True check_circle
hasSuspicious: True check_circle

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 2048
Suspicious: False cancel
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 4096
Suspicious: False cancel
Headers
Headers: 512
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 0
Suspicous: True check_circle

Sections
Allowed: .text, .rsrc, .reloc
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 4
Suspicious: False cancel
Image
Version: True check_circle
Suspicious: 4
Linker
Version: 48.0
Suspicious: False cancel
Subsystem
Version: 4.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 429966
Suspicious: False cancel

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True check_circle

Libraries
Allowed: mscoree.dll
hasLibs: True check_circle
Suspicious: photodirector.dll
hasAllowed: True check_circle
hasSuspicious: True check_circle

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2020-06-13 01:30:40
Future: False cancel

Compilation
Packed: False cancel
Missing: False cancel
Packers
Compiled: True check_circle
Compilers: Microsoft Visual C# / Basic .NET, Microsoft Visual Studio .NET, .NET executable, Microsoft Visual C# v7.0 / Basic .NET

Obfuscation
XOR: True check_circle
Fuzzing: False cancel

PEDetector
Matches
39093
Suspicious
True check_circle
Disassembly
hasTricks
True check_circle
Tricks
pushret
.text: 241

pushpopmath
.text: 112

garbagebytes
.text: 87

hookdetection
.text: 4

software breakpoint
.text: 5

fakeconditionaljumps
.text: 3

programcontrolflowchange
.text: 84

cpuinstructionsresultscomparison
.text: 3

AVclass
agenttesla
1
VirusTotal
md5
527372f706fac5e144ba15e19e041b34
sha1
ecd1baf090b2245b7b54603e0ef5813abc27ef9b
SCANS (DETECTION RATE = 43.24%)
AVG
result: FileRepMalware
update: 20200613
version: 18.4.3895.0
detected: True check_circle

CMC
update: 20200613
version: 2.7.2019.1
detected: False cancel

MAX
update: 20200613
version: 2019.9.16.1
detected: False cancel

APEX
result: Malicious
update: 20200613
version: 6.36
detected: True check_circle

Bkav
update: 20200613
version: 1.3.0.9899
detected: False cancel

K7GW
update: 20200613
version: 11.114.34399
detected: False cancel

ALYac
update: 20200613
version: 1.1.1.5
detected: False cancel

Avast
update: 20200613
version: 18.4.3895.0
detected: False cancel

Avira
result: TR/AD.AgentTesla.ysgqu
update: 20200613
version: 8.3.3.8
detected: True check_circle

Baidu
update: 20190318
version: 1.0.0.2
detected: False cancel

Cynet
result: Malicious (score: 85)
update: 20200613
version: 4.0.0.24
detected: True check_circle

Cyren
result: W32/MSIL_Kryptik.AWS.gen!Eldorado
update: 20200613
version: 6.3.0.2
detected: True check_circle

DrWeb
update: 20200613
version: 7.0.46.3050
detected: False cancel

GData
update: 20200613
version: A:25.25913B:27.19080
detected: False cancel

Panda
update: 20200613
version: 4.6.4.2
detected: False cancel

VBA32
update: 20200612
version: 4.4.1
detected: False cancel

VIPRE
update: 20200613
version: 84444
detected: False cancel

Zoner
update: 20200612
version: 0.0.0.0
detected: False cancel

ClamAV
update: 20200613
version: 0.102.3.0
detected: False cancel

Comodo
update: 20200613
version: 32532
detected: False cancel

F-Prot
result: W32/MSIL_Kryptik.AWS.gen!Eldorado
update: 20200613
version: 4.7.1.166
detected: True check_circle

Ikarus
result: Win32.SuspectCrc
update: 20200613
version: 0.1.5.2
detected: True check_circle

McAfee
result: Artemis!527372F706FA
update: 20200613
version: 6.0.6.653
detected: True check_circle

Rising
update: 20200613
version: 25.0.0.25
detected: False cancel

Sophos
update: 20200613
version: 4.98.0
detected: False cancel

Yandex
result: Trojan.AvsArher.bSIdr7
update: 20200611
version: 5.5.2.24
detected: True check_circle

Zillya
update: 20200612
version: 2.0.0.4109
detected: False cancel

Acronis
update: 20200603
version: 1.1.1.76
detected: False cancel

Alibaba
update: 20190527
version: 0.3.0.5
detected: False cancel

Arcabit
update: 20200613
version: 1.0.0.875
detected: False cancel

Cylance
result: Unsafe
update: 20200613
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (high confidence)
update: 20200608
version: 4.0.5
detected: True check_circle

FireEye
result: Generic.mg.527372f706fac5e1
update: 20200613
version: 32.31.0.0
detected: True check_circle

Sangfor
result: Malware
update: 20200423
version: 1.0
detected: True check_circle

TACHYON
update: 20200613
version: 2020-06-13.02
detected: False cancel

Tencent
result: Win32.Trojan.Inject.Auto
update: 20200613
version: 1.0.0.1
detected: True check_circle

ViRobot
update: 20200613
version: 2014.3.20.0
detected: False cancel

Webroot
update: 20200613
version: 1.0.0.403
detected: False cancel

eGambit
result: Unsafe.AI_Score_99%
update: 20200613
detected: True check_circle

Ad-Aware
update: 20200613
version: 3.0.5.370
detected: False cancel

AegisLab
update: 20200613
version: 4.2
detected: False cancel

Emsisoft
update: 20200613
version: 2018.12.0.1641
detected: False cancel

F-Secure
result: Trojan.TR/AD.AgentTesla.ysgqu
update: 20200613
version: 12.0.86.52
detected: True check_circle

Fortinet
result: Malicious_Behavior.SB
update: 20200613
version: 6.2.142.0
detected: True check_circle

Invincea
result: heuristic
update: 20200502
version: 6.3.6.26157
detected: True check_circle

Jiangmin
update: 20200613
version: 16.0.100
detected: False cancel

Kingsoft
update: 20200613
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20200613
version: 1.0
detected: True check_circle

Symantec
result: ML.Attribute.HighConfidence
update: 20200613
version: 1.11.0.0
detected: True check_circle

Trapmine
update: 20200505
version: 3.2.25.947
detected: False cancel

AhnLab-V3
update: 20200613
version: 3.18.0.10004
detected: False cancel

Antiy-AVL
update: 20200613
version: 3.0.0.1
detected: False cancel

Kaspersky
result: HEUR:Trojan.MSIL.NanoBot.gen
update: 20200613
version: 15.0.1.13
detected: True check_circle

MaxSecure
result: Trojan.Malware.300983.susgen
update: 20200613
version: 1.0.0.1
detected: True check_circle

Microsoft
result: Trojan:Win32/Wacatac.C!ml
update: 20200613
version: 1.1.17100.2
detected: True check_circle

Qihoo-360
update: 20200613
version: 1.0.0.1120
detected: False cancel

ZoneAlarm
result: HEUR:Trojan.MSIL.NanoBot.gen
update: 20200613
version: 1.0
detected: True check_circle

Cybereason
result: malicious.090b22
update: 20190616
version: 1.2.449
detected: True check_circle

ESET-NOD32
result: a variant of MSIL/Kryptik.WHV
update: 20200613
version: 21488
detected: True check_circle

TrendMicro
result: TROJ_FRS.VSNW0DF20
update: 20200613
version: 11.0.0.1006
detected: True check_circle

BitDefender
update: 20200613
version: 7.2
detected: False cancel

CrowdStrike
result: win/malicious_confidence_80% (W)
update: 20190702
version: 1.0
detected: True check_circle

K7AntiVirus
update: 20200613
version: 11.114.34399
detected: False cancel

SentinelOne
result: DFI - Malicious PE
update: 20200601
version: 4.3.0.105
detected: True check_circle

Avast-Mobile
update: 20200612
version: 200612-00
detected: False cancel

Malwarebytes
result: Spyware.PasswordStealer.Generic
update: 20200613
version: 3.6.4.335
detected: True check_circle

TotalDefense
update: 20200613
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
update: 20200613
version: 14.00
detected: False cancel

NANO-Antivirus
update: 20200613
version: 1.0.134.25119
detected: False cancel

BitDefenderTheta
update: 20200609
version: 7.2.37796.0
detected: False cancel

MicroWorld-eScan
update: 20200613
version: 14.0.409.0
detected: False cancel

SUPERAntiSpyware
update: 20200612
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: BehavesLike.Win32.Generic.gc
update: 20200613
version: v2017.3010
detected: True check_circle

TrendMicro-HouseCall
result: TROJ_FRS.VSNW0DF20
update: 20200613
version: 10.0.0.1040
detected: True check_circle

total
74
sha256
3bcfe5cfe8c8cca896bdad3d88024305851027fce85462af8c656b84c1310c49
scan_id
3bcfe5cfe8c8cca896bdad3d88024305851027fce85462af8c656b84c1310c49-1592072257
resource
527372f706fac5e144ba15e19e041b34
positives
32
scan_date
2020-06-13 18:17:37
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
24/6/2020 - 11:45:45.465Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\malware.exe.config
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.localgac
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
24/6/2020 - 11:45:45.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nls
24/6/2020 - 11:45:45.528Unknown1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot
24/6/2020 - 11:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\index164.dat
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
24/6/2020 - 11:45:45.528Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:45.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.184Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:46.231Read1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:46.278Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:46.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:46.981Open1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:46.981Unknown1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:46.981Open1480C:\malware.exeC:\
24/6/2020 - 11:45:46.981Unknown1480C:\malware.exeC:\
24/6/2020 - 11:45:46.981Open1480C:\malware.exeC:\Monitor
24/6/2020 - 11:45:46.981Unknown1480C:\malware.exeC:\Monitor
24/6/2020 - 11:45:46.981Open1480C:\malware.exeC:\Monitor\Malware
24/6/2020 - 11:45:46.981Unknown1480C:\malware.exeC:\Monitor\Malware
24/6/2020 - 11:45:46.981Open1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:46.981Unknown1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:47.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.731Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\ole32.dll
24/6/2020 - 11:45:47.731Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:45:47.731Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:45:47.778Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
24/6/2020 - 11:45:47.778Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
24/6/2020 - 11:45:47.778Open1480C:\malware.exeC:\malware.config
24/6/2020 - 11:45:47.778Open1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:47.778Unknown1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:47.825Open1480C:\malware.exeC:\Monitor\Malware
24/6/2020 - 11:45:47.825Unknown1480C:\malware.exeC:\Monitor\Malware
24/6/2020 - 11:45:47.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:47.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.153Open1480C:\malware.exeC:\Windows\SysWOW64\l_intl.nls
24/6/2020 - 11:45:48.340Open1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:48.387Unknown1480C:\malware.exeC:\malware.exe
24/6/2020 - 11:45:48.622Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:45:48.668Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:45:48.872Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:45:48.872Open1480C:\malware.exeC:\malware.exe.Local
24/6/2020 - 11:45:48.872Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:48.872Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:48.872Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:48.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:48.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:49.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:49.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:49.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:49.168Open1480C:\malware.exeC:\Windows\assembly\pubpol4.dat
24/6/2020 - 11:45:49.168Open1480C:\malware.exeC:\Windows\assembly\GAC\PublisherPolicy.tme
24/6/2020 - 11:45:49.168Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:45:49.168Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.168Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:45:49.168Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.168Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.168Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.168Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.168Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:45:49.215Open1480C:\malware.exeC:\Windows\assembly\GAC_32\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:49.215Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:49.403Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:49.403Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:49.450Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.450Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:49.450Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.497Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.543Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.590Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.637Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.684Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.731Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.778Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.825Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:49.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:49.825Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.872Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.918Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:49.965Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.12Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.59Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\VERSION.dll
24/6/2020 - 11:45:50.59Open1480C:\malware.exeC:\VERSION.dll
24/6/2020 - 11:45:50.59Open1480C:\malware.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:45:50.59Open1480C:\malware.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:45:50.59Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:50.59Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.59Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.106Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:45:50.106Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.106Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:50.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:50.809Open1480C:\malware.exeC:\Windows\Globalization\pt-br.nlp
24/6/2020 - 11:45:50.856Unknown1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:50.856Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
24/6/2020 - 11:45:50.997Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
24/6/2020 - 11:45:51.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.653Open1480C:\malware.exeC:\malware.config
24/6/2020 - 11:45:51.653Open1480C:\malware.exeC:\pt-BR\suHhR.resources.dll
24/6/2020 - 11:45:51.653Open1480C:\malware.exeC:\pt-BR\suHhR.resources\suHhR.resources.dll
24/6/2020 - 11:45:51.653Open1480C:\malware.exeC:\pt-BR\suHhR.resources.exe
24/6/2020 - 11:45:51.653Open1480C:\malware.exeC:\pt-BR\suHhR.resources\suHhR.resources.exe
24/6/2020 - 11:45:51.700Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:45:51.700Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\malware.exe.Local
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:51.887Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:51.887Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:45:51.887Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\mscorrc.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\mscorrc.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\Windows\Globalization\pt.nlp
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\pt\suHhR.resources.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\pt\suHhR.resources\suHhR.resources.dll
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\pt\suHhR.resources.exe
24/6/2020 - 11:45:51.887Open1480C:\malware.exeC:\pt\suHhR.resources\suHhR.resources.exe
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:51.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.700Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:52.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.793Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:52.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:52.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.75Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:53.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.309Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:53.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:53.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.606Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:54.653Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:54.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:54.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.122Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:45:55.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:45:55.356Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
24/6/2020 - 11:45:55.497Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.497Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
24/6/2020 - 11:45:55.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:55.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:56.575Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
24/6/2020 - 11:45:56.715Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.715Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
24/6/2020 - 11:45:56.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:56.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:57.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:57.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:57.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:57.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:57.325Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:45:57.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:57.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:57.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:57.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:58.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:45:58.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:58.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:58.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:58.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:45:58.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:45:58.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:31.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:31.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:32.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:32.793Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Gdiplus.dll
24/6/2020 - 11:46:32.793Open1480C:\malware.exeC:\malware.exe.Local
24/6/2020 - 11:46:32.793Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be
24/6/2020 - 11:46:32.793Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be
24/6/2020 - 11:46:32.793Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be
24/6/2020 - 11:46:32.793Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be\GdiPlus.dll
24/6/2020 - 11:46:32.840Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be\GdiPlus.dll
24/6/2020 - 11:46:32.887Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:46:32.887Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:46:32.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.934Open1480C:\malware.exeC:\WindowsCodecs.dll
24/6/2020 - 11:46:32.934Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsCodecs.dll
24/6/2020 - 11:46:32.934Unknown1480C:\malware.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
24/6/2020 - 11:46:32.934Open1480C:\malware.exeC:\Windows\SysWOW64\WindowsCodecs.dll
24/6/2020 - 11:46:32.934Unknown1480C:\malware.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
24/6/2020 - 11:46:32.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:32.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:33.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:33.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:34.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:34.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:34.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt-BR\ReZer0V2.resources.dll
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt-BR\ReZer0V2.resources\ReZer0V2.resources.dll
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt-BR\ReZer0V2.resources.exe
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt-BR\ReZer0V2.resources\ReZer0V2.resources.exe
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt\ReZer0V2.resources.dll
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt\ReZer0V2.resources\ReZer0V2.resources.dll
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt\ReZer0V2.resources.exe
24/6/2020 - 11:46:35.622Open1480C:\malware.exeC:\pt\ReZer0V2.resources\ReZer0V2.resources.exe
24/6/2020 - 11:46:35.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:35.903Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.43Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.43Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:36.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.684Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:37.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:37.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:37.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:38.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:38.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:38.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:38.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:38.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:38.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:38.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:38.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:38.715Open1480C:\malware.exeC:\Windows\Globalization\en-us.nlp
24/6/2020 - 11:46:38.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:38.762Open1480C:\malware.exeC:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:46:38.762Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:46:38.856Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:46:38.856Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:46:38.950Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:38.950Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:46:38.950Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:38.997Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.43Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.90Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.137Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:46:39.184Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:46:39.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:46:39.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:46:39.184Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:46:39.184Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.184Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.184Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:46:39.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:39.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:39.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:39.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:39.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:39.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:39.653Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\SysWOW64\apphelp.dll
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\SysWOW64\apphelp.dll
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\
24/6/2020 - 11:46:39.887Unknown1480C:\malware.exeC:\
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:39.887Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:39.887Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:39.887Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\ui\SwDRM.dll
24/6/2020 - 11:46:39.903Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
24/6/2020 - 11:46:39.903Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
24/6/2020 - 11:46:39.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Prefetch\REGSVCS.EXE-6C19C8B1.pf
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64win.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64win.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64cpu.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64cpu.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\System32\wow64log.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:39.950Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Monitor
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\mscoree.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\mscoree.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\sechost.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\sechost.dll
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\MSCOREE.DLL.local
24/6/2020 - 11:46:39.950Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.965Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\Upgrades.2.0.50727
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\Upgrades.2.0.50727
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:46:39.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:46:39.981Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:39.981Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.981Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe.Local
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:39.981Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
24/6/2020 - 11:46:39.981Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:39.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\fusion.localgac
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Globalization\Sorting\SortDefault.nls
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:39.997Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config
24/6/2020 - 11:46:39.997Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch
24/6/2020 - 11:46:40.12Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\index164.dat
24/6/2020 - 11:46:40.12Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
24/6/2020 - 11:46:40.12Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.12Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
24/6/2020 - 11:46:40.12Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.12Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.12Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.12Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:40.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:40.59Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.1480.1117046
24/6/2020 - 11:46:40.59Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.1480.1117046
24/6/2020 - 11:46:40.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\security.config.cch.1480.1117062
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:46:40.59Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:40.59Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:40.59Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET
24/6/2020 - 11:46:40.59Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework
24/6/2020 - 11:46:40.59Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\ole32.dll
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:46:40.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
24/6/2020 - 11:46:40.106Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:46:40.106Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:40.106Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\l_intl.nls
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CRYPTSP.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\cryptsp.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\cryptsp.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe.Local
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:40.122Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:40.122Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:40.122Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.122Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\pubpol4.dat
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC\PublisherPolicy.tme
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:46:40.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:40.200Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:40.200Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.293Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.340Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.434Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.481Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.481Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.528Unknown1480C:\malware.exeC:\Windows
24/6/2020 - 11:46:40.528Unknown1480C:\malware.exeC:\Monitor
24/6/2020 - 11:46:40.528Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:40.528Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:40.528Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23407_none_5c02a2f5a011f9be
24/6/2020 - 11:46:40.528Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.575Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.622Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.668Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.715Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.762Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.809Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:40.856Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.903Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.950Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:40.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.43Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.90Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:41.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:41.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Globalization\pt-br.nlp
24/6/2020 - 11:46:41.137Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:46:41.137Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.184Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.configmachine.config
24/6/2020 - 11:46:41.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bcrypt.dll
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\bcrypt.dll
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\bcrypt.dll
24/6/2020 - 11:46:41.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\bcrypt.dll
24/6/2020 - 11:46:41.278Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:41.325Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.372Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.465Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.606Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.653Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.700Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.793Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.840Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.887Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.934Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:41.981Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.28Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.75Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.122Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.168Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.215Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.262Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.309Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.356Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.450Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.497Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.590Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.637Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.684Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.731Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:42.778Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\dwmapi.dll
24/6/2020 - 11:46:42.778Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\dwmapi.dll
24/6/2020 - 11:46:42.778Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\dwmapi.dll
24/6/2020 - 11:46:42.778Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:42.825Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:42.872Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:42.918Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:42.965Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:43.12Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:43.59Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:43.106Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:43.153Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:43.200Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:43.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.293Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.340Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.434Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.481Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.528Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.575Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.622Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\VERSION.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\VERSION.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:46:43.668Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:43.715Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.762Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.809Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.856Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.903Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.950Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:43.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.43Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.90Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.278Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.325Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.372Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.512Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ntdll.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:44.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:44.606Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RpcRtRemote.dll
24/6/2020 - 11:46:44.606Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\RpcRtRemote.dll
24/6/2020 - 11:46:44.606Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
24/6/2020 - 11:46:44.606Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\RpcRtRemote.dll
24/6/2020 - 11:46:44.606Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
24/6/2020 - 11:46:44.653Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemcomn.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbemcomn.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbemcomn.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\Logs
24/6/2020 - 11:46:44.653Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\Logs
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\advapi32.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\advapi32.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemprox.dll
24/6/2020 - 11:46:44.653Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemprox.dll
24/6/2020 - 11:46:44.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wmiutils.dll
24/6/2020 - 11:46:44.668Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wmiutils.dll
24/6/2020 - 11:46:44.903Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemsvc.dll
24/6/2020 - 11:46:44.903Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemsvc.dll
24/6/2020 - 11:46:45.325Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\fastprox.dll
24/6/2020 - 11:46:45.325Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\fastprox.dll
24/6/2020 - 11:46:45.325Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\NTDSAPI.dll
24/6/2020 - 11:46:45.325Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\ntdsapi.dll
24/6/2020 - 11:46:45.325Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\ntdsapi.dll
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\SXS.DLL
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\sxs.dll
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\sxs.dll
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wbem\wbemdisp.tlb
24/6/2020 - 11:46:45.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\OLEAUT32.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe.Local
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:46.231Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.231Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dllCustomMarshalers.dll
24/6/2020 - 11:46:46.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:46.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:46.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:46.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:46.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:46.247Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\oleaut32.DLL
24/6/2020 - 11:46:47.184Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dll
24/6/2020 - 11:46:47.184Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:47.184Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:47.278Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.325Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.372Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:47.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:46:47.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.606Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:47.653Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:46:47.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
24/6/2020 - 11:46:47.747Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
24/6/2020 - 11:46:47.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.793Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.840Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.887Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.934Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
24/6/2020 - 11:46:47.934Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.934Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe.Local
24/6/2020 - 11:46:47.934Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:47.934Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:47.934Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:46:47.934Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
24/6/2020 - 11:46:47.934Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\fdef4c991303c17ece877574f240249f\System.Management.ni.dllSystem.Management.ni.dll
24/6/2020 - 11:46:48.450Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\oleaut32.dll
24/6/2020 - 11:46:55.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:55.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:55.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:46:55.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:47:5.762Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:5.809Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:5.950Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:18.309Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:18.356Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\%insfolder%\%insname%
24/6/2020 - 11:47:29.684Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:29.731Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:47:29.778Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:29.825Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dllSystem.Drawing.ni.dll
24/6/2020 - 11:47:29.872Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:29.918Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:29.965Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.12Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.59Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\shfolder.dll
24/6/2020 - 11:47:30.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\shfolder.dll
24/6/2020 - 11:47:30.106Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\shfolder.dll
24/6/2020 - 11:47:30.340Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local
24/6/2020 - 11:47:30.340Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local
24/6/2020 - 11:47:30.340Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.434Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.481Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.528Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.575Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.637Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Elements Browser\User Data
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\360Chrome\Chrome\User Data
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Comodo\Dragon\User Data
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Vivaldi\User Data
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\CocCoc\Browser\User Data
24/6/2020 - 11:47:30.684Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Yandex\YandexBrowser\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Kometa\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Chromium\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\uCozMedia\Uran\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\BraveSoftware\Brave-Browser\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\MapleStudio\ChromePlus\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Epic Privacy Browser\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Sputnik\Sputnik\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Iridium\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\7Star\7Star\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\QIP Surf\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Torch\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Opera Software\Opera Stable
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\CatalinaGroup\Citrio\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\liebao\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Chedot\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Coowon\Coowon\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Amigo\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\CentBrowser\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Orbitum\User Data
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Program Files (x86)\jDownloader\config\database.script
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Globalization\en-us.nlp
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.config
24/6/2020 - 11:47:30.700Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:47:30.700Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\regsvcs.exe.configregsvcs.exe.config
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:30.700Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:30.700Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:30.700Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:30.762Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:30.809Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.856Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.903Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.950Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:30.997Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.43Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.90Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.137Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.184Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.231Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.278Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.325Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.372Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.465Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.512Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:31.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Thunderbird\profiles.ini
24/6/2020 - 11:47:31.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.606Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:31.653Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:31.700Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.747Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Thunderbird\profiles.ini
24/6/2020 - 11:47:31.747Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.793Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.840Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.887Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.934Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:31.981Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.28Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.75Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.122Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.168Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.215Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Microsoft\Edge\User Data
24/6/2020 - 11:47:32.215Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:32.262Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\vaultcli.dll
24/6/2020 - 11:47:32.262Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\vaultcli.dll
24/6/2020 - 11:47:32.262Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\vaultcli.dll
24/6/2020 - 11:47:32.262Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\vaultcli.dll
24/6/2020 - 11:47:33.28Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.28Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Moonchild Productions\Pale Moon\profiles.ini
24/6/2020 - 11:47:33.28Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Moonchild Productions\Pale Moon\profiles.ini
24/6/2020 - 11:47:33.28Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Claws-mail
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Claws-mail\clawsrc
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\Firefox\profiles.ini
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\Firefox\profiles.ini
24/6/2020 - 11:47:33.43Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\FileZilla\recentservers.xml
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini
24/6/2020 - 11:47:33.43Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini
24/6/2020 - 11:47:33.59Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Storage
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\mail
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\VirtualStore\Program Files\Foxmail\mail\
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\VirtualStore\Program Files (x86)\Foxmail\mail\
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Google\Chrome\User Data\
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Comodo\IceDragon\profiles.ini
24/6/2020 - 11:47:33.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Comodo\IceDragon\profiles.ini
24/6/2020 - 11:47:33.59Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
24/6/2020 - 11:47:33.106Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.153Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\
24/6/2020 - 11:47:33.153Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.200Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\
24/6/2020 - 11:47:33.200Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Postbox\profiles.ini
24/6/2020 - 11:47:33.200Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Postbox\profiles.ini
24/6/2020 - 11:47:33.200Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\UCBrowser
24/6/2020 - 11:47:33.200Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Program Files (x86)
24/6/2020 - 11:47:33.200Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Program Files (x86)
24/6/2020 - 11:47:33.200Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.247Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\plutil.exe
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Waterfox\profiles.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Waterfox\profiles.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\falkon\profiles\profiles.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Ipswitch\WS_FTP\Sites\ws_ftp.ini
24/6/2020 - 11:47:33.293Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\FTP Navigator\Ftplist.txt
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe.Local
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:47:33.528Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:47:33.528Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\mscorrc.dll
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\pt-BR\mscorrc.dll
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\The Bat!
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Flock\Browser\profiles.ini
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_32\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
24/6/2020 - 11:47:33.528Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\FTPGetter\servers.xml
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.543Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Monitor
24/6/2020 - 11:47:33.543Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Monitor
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\netsh.exe
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Monitor\netsh.exe
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\apphelp.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\apphelp.dll
24/6/2020 - 11:47:33.543Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\AppPatch\sysmain.sdb
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:47:33.559Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:47:33.559Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:33.559Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\ui\SwDRM.dll
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dllSystem.ni.dll
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.559Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\Prefetch\NETSH.EXE-CD959116.pf
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64win.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64win.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64cpu.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64cpu.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\wow64log.dll
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows
24/6/2020 - 11:47:33.606Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows
24/6/2020 - 11:47:33.606Open2272C:\Windows\SysWOW64\netsh.exeC:\Monitor
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\sechost.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\sechost.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\credui.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\credui.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mpr.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mpr.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.762Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\imm32.dll
24/6/2020 - 11:47:33.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\netsh.exe.mui
24/6/2020 - 11:47:33.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\credui.dll
24/6/2020 - 11:47:33.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netsh.exe.Local
24/6/2020 - 11:47:33.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
24/6/2020 - 11:47:33.825Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
24/6/2020 - 11:47:33.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
24/6/2020 - 11:47:33.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\WindowsShell.Manifest
24/6/2020 - 11:47:33.840Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasmontr.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasmontr.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mprapi.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mprapi.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasapi32.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasapi32.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasman.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rasman.dll
24/6/2020 - 11:47:33.840Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mfc42u.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mfc42u.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\odbc32.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\odbc32.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winnsi.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winnsi.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\odbcint.dll
24/6/2020 - 11:47:33.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\odbcint.dll
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\MFC42LOC.DLL
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\MFC42LOC.DLL.DLL
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\MFC42LOC.DLL
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\System32\MFC42LOC.DLL.DLL
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshwfp.dll
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshwfp.dll
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\slc.dll
24/6/2020 - 11:47:33.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\slc.dll
24/6/2020 - 11:47:33.934Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dll
24/6/2020 - 11:47:33.981Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:33.981Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dll
24/6/2020 - 11:47:33.981Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:34.28Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:34.75Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:34.122Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc.dll
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc.dll
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
24/6/2020 - 11:47:34.168Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
24/6/2020 - 11:47:34.168Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:34.168Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:34.450Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\QUTIL.DLL
24/6/2020 - 11:47:34.450Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\QUTIL.DLL
24/6/2020 - 11:47:34.731Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wevtapi.dll
24/6/2020 - 11:47:34.731Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wevtapi.dll
24/6/2020 - 11:47:34.825Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dhcpcmonitor.dlldhcpcmonitor.dll
24/6/2020 - 11:47:34.872Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wshelper.dll
24/6/2020 - 11:47:34.918Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wshelper.dll
24/6/2020 - 11:47:35.106Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\ws2help.dll
24/6/2020 - 11:47:35.153Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\ws2help.dll
24/6/2020 - 11:47:35.293Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mswsock.dll
24/6/2020 - 11:47:35.293Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\mswsock.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\Globalization\Sorting\SortDefault.nls
24/6/2020 - 11:47:35.340Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshhttp.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshhttp.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\httpapi.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\httpapi.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\fwcfg.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\fwcfg.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dll
24/6/2020 - 11:47:35.340Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\version.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\FirewallAPI.dllFirewallAPI.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dll
24/6/2020 - 11:47:35.340Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcrypt.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcrypt.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winipsec.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winipsec.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\authfwcfg.dllauthfwcfg.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\ifmon.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\ifmon.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nci.dll
24/6/2020 - 11:47:35.356Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nci.dll
24/6/2020 - 11:47:35.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\devrtl.dll
24/6/2020 - 11:47:35.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\devrtl.dll
24/6/2020 - 11:47:35.778Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netiohlp.dll
24/6/2020 - 11:47:35.825Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netiohlp.dll
24/6/2020 - 11:47:36.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\tzres.dll
24/6/2020 - 11:47:36.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\tzres.dll
24/6/2020 - 11:47:36.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\tzres.dll
24/6/2020 - 11:47:36.59Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\tzres.dll
24/6/2020 - 11:47:36.106Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dnsapi.dll
24/6/2020 - 11:47:36.106Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dnsapi.dll
24/6/2020 - 11:47:36.200Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\whhelper.dll
24/6/2020 - 11:47:36.200Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\whhelper.dll
24/6/2020 - 11:47:36.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winhttp.dll
24/6/2020 - 11:47:36.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\winhttp.dll
24/6/2020 - 11:47:36.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\webio.dll
24/6/2020 - 11:47:36.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\webio.dll
24/6/2020 - 11:47:36.434Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\hnetmon.dll
24/6/2020 - 11:47:36.434Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\hnetmon.dll
24/6/2020 - 11:47:36.622Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netshell.dll
24/6/2020 - 11:47:36.622Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netshell.dll
24/6/2020 - 11:47:36.950Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nlaapi.dll
24/6/2020 - 11:47:36.950Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nlaapi.dll
24/6/2020 - 11:47:37.90Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rpcnsh.dll
24/6/2020 - 11:47:37.137Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rpcnsh.dll
24/6/2020 - 11:47:37.372Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dot3cfg.dll
24/6/2020 - 11:47:37.372Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dot3cfg.dll
24/6/2020 - 11:47:37.653Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dot3api.dll
24/6/2020 - 11:47:37.653Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dot3api.dll
24/6/2020 - 11:47:37.934Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\atl.dll
24/6/2020 - 11:47:37.934Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\atl.dll
24/6/2020 - 11:47:37.934Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\eappcfg.dll
24/6/2020 - 11:47:37.934Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\eappcfg.dll
24/6/2020 - 11:47:38.215Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\onex.dll
24/6/2020 - 11:47:38.262Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\onex.dll
24/6/2020 - 11:47:38.543Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\eappprxy.dll
24/6/2020 - 11:47:38.543Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\eappprxy.dll
24/6/2020 - 11:47:39.12Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\NAPMONTR.DLL
24/6/2020 - 11:47:39.59Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\NAPMONTR.DLL
24/6/2020 - 11:47:39.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\certcli.dll
24/6/2020 - 11:47:39.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\certcli.dll
24/6/2020 - 11:47:39.903Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshipsec.dll
24/6/2020 - 11:47:39.903Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\nshipsec.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netapi32.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netapi32.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netutils.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\netutils.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\srvcli.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\srvcli.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wkscli.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wkscli.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\logoncli.dll
24/6/2020 - 11:47:40.184Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\logoncli.dll
24/6/2020 - 11:47:40.465Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\activeds.dll
24/6/2020 - 11:47:40.465Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\activeds.dll
24/6/2020 - 11:47:40.700Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\adsldpc.dll
24/6/2020 - 11:47:40.700Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\adsldpc.dll
24/6/2020 - 11:47:41.28Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\polstore.dll
24/6/2020 - 11:47:41.28Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\polstore.dll
24/6/2020 - 11:47:41.262Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\polstore.dll
24/6/2020 - 11:47:41.309Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pnetsh.dll
24/6/2020 - 11:47:41.309Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pnetsh.dll
24/6/2020 - 11:47:41.309Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\P2P.dll
24/6/2020 - 11:47:41.309Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\P2P.dll
24/6/2020 - 11:47:41.309Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\P2P.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dll
24/6/2020 - 11:47:41.325Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dll
24/6/2020 - 11:47:41.325Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlancfg.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlancfg.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanapi.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanapi.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanutil.dll
24/6/2020 - 11:47:41.325Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanutil.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanhlp.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\wlanhlp.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dll
24/6/2020 - 11:47:41.340Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rpcss.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:47:41.340Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\uxtheme.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\cryptsp.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\cryptsp.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dll
24/6/2020 - 11:47:41.387Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dll
24/6/2020 - 11:47:41.387Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\qagentrt.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dnsapi.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\dnsapi.dll
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\QAGENT.DLL
24/6/2020 - 11:47:41.387Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\QAGENT.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\DHCPQEC.DLL
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.mui
24/6/2020 - 11:47:41.403Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.muinapipsec.dll.mui
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.mui
24/6/2020 - 11:47:41.403Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.muinapipsec.dll.mui
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.mui
24/6/2020 - 11:47:41.403Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.muinapipsec.dll.mui
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.mui
24/6/2020 - 11:47:41.403Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\napipsec.dll.muinapipsec.dll.mui
24/6/2020 - 11:47:41.403Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\napipsec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.418Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\tsgqec.dll
24/6/2020 - 11:47:41.481Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.481Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.481Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.622Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUI
24/6/2020 - 11:47:41.668Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUIEAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUIEAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUIEAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\EAPQEC.DLL.MUIEAPQEC.DLL.MUI
24/6/2020 - 11:47:41.715Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\EAPQEC.DLL
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\rsaenh.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\RpcRtRemote.dll
24/6/2020 - 11:47:41.809Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
24/6/2020 - 11:47:41.809Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\RpcRtRemote.dll
24/6/2020 - 11:47:41.809Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
24/6/2020 - 11:47:41.856Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\p2pnetsh.dll.mui
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\p2pnetsh.dll.muip2pnetsh.dll.mui
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\p2pnetsh.dll.muip2pnetsh.dll.mui
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.856Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.903Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\gpapi.dll
24/6/2020 - 11:47:41.903Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\gpapi.dll
24/6/2020 - 11:47:41.997Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.997Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.997Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\PeerDistSh.dllPeerDistSh.dll
24/6/2020 - 11:47:41.997Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcryptprimitives.dll
24/6/2020 - 11:47:41.997Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
24/6/2020 - 11:47:41.997Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcryptprimitives.dll
24/6/2020 - 11:47:41.997Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
24/6/2020 - 11:47:42.43Open2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\wlancfg.dll.mui
24/6/2020 - 11:47:42.43Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\wlancfg.dll.muiwlancfg.dll.mui
24/6/2020 - 11:47:42.43Read2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\wlancfg.dll.muiwlancfg.dll.mui
24/6/2020 - 11:47:42.372Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows
24/6/2020 - 11:47:42.372Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Monitor
24/6/2020 - 11:47:42.372Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\SysWOW64\pt-BR\netsh.exe.muinetsh.exe.mui
24/6/2020 - 11:47:42.372Unknown2272C:\Windows\SysWOW64\netsh.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
24/6/2020 - 11:47:42.372Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\cftp\Ftplist.txt
24/6/2020 - 11:47:42.372Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\icecat\profiles.ini
24/6/2020 - 11:47:42.372Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\icecat\profiles.ini
24/6/2020 - 11:47:42.372Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Trillian\users\global\accounts.dat
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Pocomail\accounts.ini
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Monitor\Folder.lst
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\All Users\AppData\Roaming\FlashFXP\3quick.dat
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\ProgramData\APPDATA\ROAMING\FLASHFXP\3QUICK.DAT
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
24/6/2020 - 11:47:42.387Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.387Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:47:42.403Unknown2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dllSystem.Xml.ni.dll
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Psi\profiles
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Psi+\profiles
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\K-Meleon\profiles.ini
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\K-Meleon\profiles.ini
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\CoreFTP\sites.idx
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.403Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\mpr.dll
24/6/2020 - 11:47:42.418Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\mpr.dll
24/6/2020 - 11:47:42.418Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\scrrun.dll
24/6/2020 - 11:47:42.418Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\scrrun.dll
24/6/2020 - 11:47:42.418Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\SysWOW64\wshom.ocx
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dllmscorlib.ni.dll
24/6/2020 - 11:47:42.418Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
24/6/2020 - 11:47:42.434Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Tencent\QQBrowser\User Data
24/6/2020 - 11:47:42.434Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Local\Tencent\QQBrowser\User Data\Default\EncryptedStorage
24/6/2020 - 11:47:42.434Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Opera Mail\Opera Mail\wand.dat
24/6/2020 - 11:47:42.434Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\SeaMonkey\profiles.ini
24/6/2020 - 11:47:42.434Open2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Users\Behemot\AppData\Roaming\Mozilla\SeaMonkey\profiles.ini
24/6/2020 - 11:47:55.778Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
24/6/2020 - 11:47:55.825Read2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll

Process
Trace
24/6/2020 - 11:46:39.887Create1480C:\malware.exe2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
24/6/2020 - 11:47:33.543Create2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe2272C:\Windows\SysWOW64\netsh.exe
24/6/2020 - 11:47:42.372Terminate2124C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe2272C:\Windows\SysWOW64\netsh.exe

Analysis
Reason
Timeout

Status
Sucessfully Executed

Results
1

Registry
Trace
24/6/2020 - 11:47:41.387Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.387Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.387Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.387Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.387Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\dhcpqec.dll,-100
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\dhcpqec.dll,-101
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\dhcpqec.dll,-103
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\dhcpqec.dll,-102
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\napipsec.dll,-1
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\napipsec.dll,-2
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\napipsec.dll,-4
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\napipsec.dll,-3
24/6/2020 - 11:47:41.403Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\tsgqec.dll,-100
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\tsgqec.dll,-101
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\tsgqec.dll,-102
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\tsgqec.dll,-103
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.418Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\eapqec.dll,-100
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\eapqec.dll,-101
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\eapqec.dll,-102
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDB@%SystemRoot%\system32\eapqec.dll,-103
24/6/2020 - 11:47:41.715Write2272C:\Windows\SysWOW64\netsh.exeHKCU\Local Settings\MuiCache\5\96383CDBLanguageList

File Summary
Created
Identified: False cancel

Deleted
Identified: False cancel

Process Summary
Created
Identified: True check_circle

Deleted
Identified: True check_circle

Registry Summary
Proxy
Identified: False cancel

AutoRun
Identified: False cancel

Created
Identified: True check_circle

Deleted
Identified: False cancel

Browsers
Identified: False cancel

Internet
Identified: False cancel

Loading...

DNS
Query

Response

TCP
Info

UDP
Info

HTTP
Info

Summary
DNS
False cancel

TCP
False cancel

UDP
False cancel

HTTP
False cancel

Results
BINARY
KNN (K=3, NFS-BRMalware)
confidence: 66.67%
suspicious: False cancel

Decision Tree (NFS-BRMalware)
confidence: 100.00%
suspicious: True check_circle

SVC (Kernel=Linear, NFS-BRMalware)
confidence: 70.07%
suspicious: False cancel

MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 94.16%
suspicious: True check_circle

Random Forest (100 estimators, NFS-BRMalware)
confidence: 65.00%
suspicious: True check_circle

Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 68.93%
suspicious: True check_circle

LightGDM (Ember: File Characteristics, Threshold=0.8336)
confidence: 94.79%
suspicious: True check_circle

Add to Collection
Download