Report #11149 check_circle
- Creation Date: Sept. 8, 2020, 1:40 a.m.
- Last Update: Sept. 8, 2020, 1:44 a.m.
- File: 048
- Results:
Binary
DLL
False cancel
Size
1.17MB
trid
61.8% Win32 Executable MS Visual C++13.0% Win32 Dynamic Link Library8.9% Win32 Executable4.1% Win16/32 Executable Delphi generic4.0% OS/2 Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
8ba8a22ba30e2dd2eb69bb9f50841ee3
sha1
2f0046fc80d6aad6464f1c064873aa7becd540cd
crc32
0xfbe836f2
sha224
311caedd26dcb35090b4ef7fa176b1c9e62755d17cff6dcb88ba97ae
sha256
2923b0d410dc2b3827f3c66ed06aac9247f7038a0e95a6328bc7d1c8da4c570b
sha384
69e1016fd09a03107fcf99f43754d10aff308983510887423c21deef637e3f246d747d49f389f9dab2f87201c96abe38
sha512
b66aa465d4c90277d499d39f16464d9895c3a7cb8de3ccfd2d619da2331859d91275727d7794509f3b3080afef17e13c55e18414e6e01ab0e1e4b74e7df05954
ssdeep
3072:0jY9xJ5k3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3v3veX:v9DeCBa1kf0A
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
domain, contentis_base64, Check_OutputDebugStringA_iat, HasDigitalSignature, screenshot, url, win_token, win_mutex, win_registry, Microsoft_Visual_Cpp_v50v60_MFC, HasOverlay, win_files_operation, IsPE32, anti_dbg, IsWindowsGUI, IP
Suspicious
True check_circle
Strings
List
,https://www.example.com/my_product/info.html0siy.alwmlaunch.exewmlaunch.exename="Microsoft.Windows.MediaPlayer.WMLaunch"co0.ec:$11w.roCOMCTL32.dllCla/eHw.dlkRinterfacE\{b196b287-bab4-101a-b69c-00aa00341d07}`E>8ra%8Fi"iNa0d]%e*tmg%naT_sro%Edd<description>Windows Media Player Launcher</description>]AuzgRu`Cmd0aTCpaEMUAEJ<requestedPrivileges>Windows Media Player LauncherGetProcAddressExitProcessCreateEventWSetWinEventHookDDPIgVncJvGetForegroundWindowSuspendThreadCreateProcessWCreateProcessATerminateProcessOpenProcessTokenDeviceIoControlShellExecuteExWVirtualAllocCoCreateInstanceVirtualAllocMapViewOfFileExMapViewOfFileVirtualProtectControlServiceCreateDirectoryWGetModuleHandleARegOpenKeyWDeleteFileWRegCreateKeyExWCreateFileMappingARegQueryValueExWLoadLibraryARemoveDirectoryARegDeleteValueWOpenServiceWLoadResourceCreateMutexWOpenSCManagerWStartServiceWQueryPerformanceCounterRegOpenKeyExADeleteServiceGetModuleFileNameARemoveDirectoryWGetModuleFileNameWHeapCreateSetFilePointerRegQueryValueExARegOpenKeyExWCreateDirectoryAFreeLibraryLoadLibraryExWCopyFileWFindNextFileWGetModuleHandleWRegSetValueExWFindFirstFileWWriteFileCreateFileWLoadLibraryWCreateFileARegDeleteKeyWMoveFileExWCreateFileMappingWReadFileMicrosoft Corporation. All rights reserved.GetTickCounthe wYBbqVSSleepGetDC<requestedExecutionLevelGetConsoleOutputCPGetCPInfoGetProcessHeapEN3D$N5Eversion="5.1.0.0"ap!6tPe1"12g-roeZssq$11g.rouYss__E)t_'4p_Z2WaPra_esbe6vun&kn<FibaPc5"10w9et"10w9et
Foremost
Matches
0.exe, 1 MB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancelAllowedSuspicioushasAllowed: False cancelhasSuspicious: False cancel
URLs
AllowedhasURLs: True check_circleSuspicious: https://www.example.com/my_product/info.html0hasAllowed: False cancelhasSuspicious: True check_circle
Files
Allowed: ADVAPI32.dll, ole32.dll, SHELL32.dll, COMCTL32.dll, COMDLG32.dll, GDI32.dll, USER32.dll, KERNEL32.dllhasFiles: True check_circleSuspicioushasAllowed: True check_circlehasSuspicious: False cancel
Binary
Sizes
RVARVA: 16Suspicious: False cancelCodeSize: 802304Suspicious: False cancelImageAddress: 4194304Suspicious: False cancelStackStack: 4096Suspicious: False cancelHeadersHeaders: 1024Suspicious: False cancelSuspicious: False cancel
Symbols
NumberNumber: 0Suspicious: True check_circlePointerPointer: 0Suspicious: True check_circleDirectoriesNumber: 16Suspicious: False cancel
Checksum
Value: 1256702Suspicous: False cancel
Sections
Allowed: .text, .data, .rdata8, .rsrcSuspicioushasAllowed: True check_circlehasSections: True check_circlehasSuspicious: False cancel
Versions
OSVersion: 4Suspicious: False cancelImageVersion: True check_circleSuspicious: 4LinkerVersion: 2.50Suspicious: False cancelSubsystemVersion: 4.0Suspicious: False cancelSuspicious: False cancel
EntryPoint
Address: 419200Suspicious: False cancel
Anomalies
AnomalieshasAnomalies: False cancel
Libraries
Allowed: advapi32.dll, ole32.dll, shell32.dll, comctl32.dll, comdlg32.dll, gdi32.dll, user32.dll, kernel32.dllhasLibs: True check_circleSuspicioushasAllowed: True check_circlehasSuspicious: False cancel
Timestamp
Past: False cancelValid: True check_circleValue: 2020-07-28 23:33:49Future: False cancel
Compilation
Packed: False cancelMissing: True check_circlePackersCompiled: False cancelCompilers
Obfuscation
XOR: False cancelFuzzing: False cancel
PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
pushret
.data: 16.text: 1
pushpopmath
.data: 22.text: 1
garbagebytes
.data: 4.text: 1
programcontrolflowchange
.data: 4.text: 1
cpuinstructionsresultscomparison
.data: 3
AVclass
bobik
1
VirusTotal
md5
8ba8a22ba30e2dd2eb69bb9f50841ee3
sha1
2f0046fc80d6aad6464f1c064873aa7becd540cd
SCANS (DETECTION RATE = 73.61%)
AVG
result: Win32:DangerousSig [Trj]update: 20200806version: 18.4.3895.0detected: True check_circle
CMC
update: 20200805version: 2.7.2019.1detected: False cancel
MAX
result: malware (ai score=89)update: 20200806version: 2019.9.16.1detected: True check_circle
APEX
result: Maliciousupdate: 20200804version: 6.56detected: True check_circle
Bkav
result: W32.AIDetectVM.malware2update: 20200806version: 1.3.0.9899detected: True check_circle
K7GW
result: Trojan ( 005652be1 )update: 20200806version: 11.128.34909detected: True check_circle
ALYac
result: Gen:Variant.Razy.725518update: 20200806version: 1.1.1.5detected: True check_circle
Avast
result: Win32:DangerousSig [Trj]update: 20200806version: 18.4.3895.0detected: True check_circle
Avira
result: TR/Kryptik.kdxerupdate: 20200806version: 8.3.3.8detected: True check_circle
Baidu
update: 20190318version: 1.0.0.2detected: False cancel
Cynet
result: Malicious (score: 85)update: 20200806version: 4.0.0.24detected: True check_circle
Cyren
result: W32/Trojan.MSQE-8110update: 20200806version: 6.3.0.2detected: True check_circle
DrWeb
update: 20200806version: 7.0.46.3050detected: False cancel
GData
result: Gen:Variant.Razy.725518update: 20200806version: A:25.26487B:27.19700detected: True check_circle
Panda
result: Trj/GdSda.Aupdate: 20200805version: 4.6.4.2detected: True check_circle
VBA32
result: BScope.Trojan.Injectupdate: 20200805version: 4.4.1detected: True check_circle
VIPRE
result: Trojan.Win32.Generic!BTupdate: 20200806version: 85730detected: True check_circle
Zoner
update: 20200806version: 0.0.0.0detected: False cancel
ClamAV
update: 20200805version: 0.102.4.0detected: False cancel
Comodo
update: 20200728version: 32668detected: False cancel
F-Prot
update: 20200806version: 4.7.1.166detected: False cancel
Ikarus
result: Trojan-Spy.Agentupdate: 20200805version: 0.1.5.2detected: True check_circle
McAfee
result: Packed-GBS!8BA8A22BA30Eupdate: 20200806version: 6.0.6.653detected: True check_circle
Rising
result: Trojan.Kryptik!1.C974 (CLOUD)update: 20200806version: 25.0.0.26detected: True check_circle
Sophos
result: Mal/EncPk-APVupdate: 20200806version: 4.98.0detected: True check_circle
Yandex
update: 20200707version: 5.5.2.24detected: False cancel
Zillya
result: Downloader.Deyma.Win32.166update: 20200805version: 2.0.0.4148detected: True check_circle
Acronis
update: 20200603version: 1.1.1.76detected: False cancel
Alibaba
result: Trojan:Win32/Kryptik.a56dbe92update: 20190527version: 0.3.0.5detected: True check_circle
Arcabit
result: Trojan.Razy.DB120Eupdate: 20200806version: 1.0.0.877detected: True check_circle
Cylance
result: Unsafeupdate: 20200806version: 2.3.1.101detected: True check_circle
Endgame
result: malicious (high confidence)update: 20200727version: 4.0.6detected: True check_circle
FireEye
result: Generic.mg.8ba8a22ba30e2dd2update: 20200806version: 32.36.1.0detected: True check_circle
Sangfor
result: Malwareupdate: 20200423version: 1.0detected: True check_circle
TACHYON
update: 20200806version: 2020-08-06.02detected: False cancel
Tencent
result: Malware.Win32.Gencirc.11a9aac1update: 20200806version: 1.0.0.1detected: True check_circle
ViRobot
update: 20200806version: 2014.3.20.0detected: False cancel
Webroot
update: 20200806version: 1.0.0.403detected: False cancel
eGambit
update: 20200806detected: False cancel
Ad-Aware
result: Gen:Variant.Razy.725518update: 20200806version: 3.0.5.370detected: True check_circle
AegisLab
result: Trojan.Win32.Bobik.l!cupdate: 20200806version: 4.2detected: True check_circle
Emsisoft
result: Gen:Variant.Razy.725518 (B)update: 20200806version: 2018.12.0.1641detected: True check_circle
F-Secure
result: Trojan.TR/Kryptik.kdxerupdate: 20200806version: 12.0.86.52detected: True check_circle
Fortinet
result: W32/Cridex.VHO!trupdate: 20200806version: 6.2.142.0detected: True check_circle
Invincea
result: heuristicupdate: 20200502version: 6.3.6.26157detected: True check_circle
Jiangmin
result: TrojanDownloader.Deyma.qqupdate: 20200806version: 16.0.100detected: True check_circle
Kingsoft
update: 20200806version: 2013.8.14.323detected: False cancel
Paloalto
result: generic.mlupdate: 20200806version: 1.0detected: True check_circle
Symantec
result: ML.Attribute.HighConfidenceupdate: 20200806version: 1.11.0.0detected: True check_circle
Trapmine
update: 20200727version: 3.5.0.1023detected: False cancel
AhnLab-V3
update: 20200806version: 3.18.1.10026detected: False cancel
Antiy-AVL
result: Trojan[Downloader]/Win32.Deymaupdate: 20200806version: 3.0.0.1detected: True check_circle
Kaspersky
result: Trojan-Spy.Win32.Bobik.eneupdate: 20200806version: 15.0.1.13detected: True check_circle
Microsoft
result: Trojan:Win32/Cridex.AR!certupdate: 20200806version: 1.1.17300.4detected: True check_circle
Qihoo-360
result: Generic/HEUR/QVM20.1.E37E.Malware.Genupdate: 20200806version: 1.0.0.1120detected: True check_circle
ZoneAlarm
result: Trojan-Spy.Win32.Bobik.eneupdate: 20200806version: 1.0detected: True check_circle
Cybereason
result: malicious.c80d6aupdate: 20190616version: 1.2.449detected: True check_circle
ESET-NOD32
result: a variant of Win32/Kryptik.HFHMupdate: 20200805version: 21771detected: True check_circle
TrendMicro
result: TROJ_GEN.R002C0PGT20update: 20200806version: 11.0.0.1006detected: True check_circle
BitDefender
result: Gen:Variant.Razy.725518update: 20200806version: 7.2detected: True check_circle
CrowdStrike
result: win/malicious_confidence_100% (W)update: 20190702version: 1.0detected: True check_circle
K7AntiVirus
result: Trojan ( 005652be1 )update: 20200806version: 11.128.34910detected: True check_circle
SentinelOne
result: DFI - Malicious PEupdate: 20200725version: 4.4.0.0detected: True check_circle
Avast-Mobile
update: 20200806version: 200806-00detected: False cancel
Malwarebytes
result: Spyware.PasswordStealerupdate: 20200806version: 3.6.4.335detected: True check_circle
TotalDefense
update: 20200806version: 37.1.62.1detected: False cancel
CAT-QuickHeal
result: Trojanspy.Bobikupdate: 20200806version: 14.00detected: True check_circle
NANO-Antivirus
result: Trojan.Win32.Bobik.hpqiwfupdate: 20200806version: 1.0.134.25119detected: True check_circle
BitDefenderTheta
result: Gen:NN.ZexaF.34152.kr1@aCYR!zeiupdate: 20200805version: 7.2.37796.0detected: True check_circle
MicroWorld-eScan
result: Gen:Variant.Razy.725518update: 20200806version: 14.0.409.0detected: True check_circle
SUPERAntiSpyware
update: 20200731version: 5.6.0.1032detected: False cancel
TrendMicro-HouseCall
result: TROJ_GEN.R002C0PGT20update: 20200806version: 10.0.0.1040detected: True check_circle
total
72
sha256
2923b0d410dc2b3827f3c66ed06aac9247f7038a0e95a6328bc7d1c8da4c570b
scan_id
2923b0d410dc2b3827f3c66ed06aac9247f7038a0e95a6328bc7d1c8da4c570b-1596696221
resource
8ba8a22ba30e2dd2eb69bb9f50841ee3
positives
53
scan_date
2020-08-06 06:43:41
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\AVAST Software | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Avira | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Kaspersky Lab | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\ESET | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Panda Security | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Doctor Web | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\AVG | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\360TotalSecurity | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Bitdefender | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Norton | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Sophos | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\Comodo | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\programdata\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:42.762 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.762 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.762 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.778 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.778 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Read | 1480 | C:\malware.exe | C:\malware.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe:Zone.Identifier | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe:Zone.Identifier | |
| 8/9/2020 - 0:45:42.903 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:42.903 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.75 | Write | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Read | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\programdata\1321ba6d1f\ui\SwDRM.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Read | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Read | 1480 | C:\malware.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\Prefetch\BDIF.EXE-3877C1E9.pf | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\System32\wow64log.dll | |
| 8/9/2020 - 0:45:43.262 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:45:43.262 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\bdif.exe.Local | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc | |
| 8/9/2020 - 0:45:43.278 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll | |
| 8/9/2020 - 0:45:43.278 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:45:43.293 | Unknown | 1480 | C:\malware.exe | C:\Windows | |
| 8/9/2020 - 0:45:43.293 | Unknown | 1480 | C:\malware.exe | C:\Monitor | |
| 8/9/2020 - 0:45:43.293 | Unknown | 1480 | C:\malware.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc | |
| 8/9/2020 - 0:45:43.293 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\4350ijy30u945j9f | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\4350ijy30u945j9f | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\Fonts\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\system\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wbem\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\zZoddUUrBc | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\Fonts\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\system\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wbem\jsMbd Trk | |
| 8/9/2020 - 0:45:43.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\jsMbd Trk | |
| 8/9/2020 - 0:45:43.325 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\bdif.exe | |
| 8/9/2020 - 0:45:43.372 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\WSOCK32.DLL | |
| 8/9/2020 - 0:45:43.372 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wsock32.dll | |
| 8/9/2020 - 0:45:43.372 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wsock32.dll | |
| 8/9/2020 - 0:45:43.372 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:43.372 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.372 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.372 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:43.387 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:43.387 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.387 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | |
| 8/9/2020 - 0:45:43.387 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\a174c1ef10e2077451f5b6dda83242a1 | a174c1ef10e2077451f5b6dda83242a1 |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\AVAST Software | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Avira | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Kaspersky Lab | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\ESET | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Panda Security | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Doctor Web | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\AVG | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\360TotalSecurity | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Bitdefender | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Norton | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Sophos | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\Comodo | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\version.DLL | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\version.dll | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\version.dll | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | |
| 8/9/2020 - 0:45:43.387 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\uxtheme.dll | |
| 8/9/2020 - 0:45:43.387 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\uxtheme.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\api-ms-win-downlevel-shlwapi-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll | api-ms-win-downlevel-shlwapi-l2-1-0.dll |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll | api-ms-win-downlevel-shlwapi-l2-1-0.dll |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\Secur32.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\secur32.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\secur32.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files | |
| 8/9/2020 - 0:45:43.434 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\api-ms-win-downlevel-advapi32-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll | api-ms-win-downlevel-advapi32-l2-1-0.dll |
| 8/9/2020 - 0:45:43.434 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll | |
| 8/9/2020 - 0:45:43.434 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll | api-ms-win-downlevel-advapi32-l2-1-0.dll |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\winhttp.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\winhttp.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\webio.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\webio.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\IPHLPAPI.DLL | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\IPHLPAPI.DLL | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\IPHLPAPI.DLL | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\WINNSI.DLL | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\winnsi.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\winnsi.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\DNSAPI.dll | |
| 8/9/2020 - 0:45:43.481 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dnsapi.dll | |
| 8/9/2020 - 0:45:43.497 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dnsapi.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\mswsock.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\mswsock.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wship6.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wship6.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\History | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\History | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\History | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5 | |
| 8/9/2020 - 0:45:43.543 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5 | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rpcss.dll | |
| 8/9/2020 - 0:45:43.543 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rpcss.dll | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\netprofm.dll | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\netprofm.dll | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\nlaapi.dll | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\nlaapi.dll | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\dhcpcsvc6.DLL | |
| 8/9/2020 - 0:45:43.559 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc6.dll | |
| 8/9/2020 - 0:45:43.622 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc6.dll | dhcpcsvc6.dll |
| 8/9/2020 - 0:45:43.622 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc6.dll | |
| 8/9/2020 - 0:45:43.622 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc6.dll | dhcpcsvc6.dll |
| 8/9/2020 - 0:45:43.622 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WSHTCPIP.DLL | |
| 8/9/2020 - 0:45:43.622 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WSHTCPIP.DLL | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\dhcpcsvc.DLL | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\dhcpcsvc.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\CRYPTSP.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cryptsp.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cryptsp.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rsaenh.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\RpcRtRemote.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\RpcRtRemote.dll | |
| 8/9/2020 - 0:45:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\RpcRtRemote.dll | RpcRtRemote.dll |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\RpcRtRemote.dll | |
| 8/9/2020 - 0:45:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\RpcRtRemote.dll | RpcRtRemote.dll |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\rasadhlp.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rasadhlp.dll | |
| 8/9/2020 - 0:45:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\rasadhlp.dll | |
| 8/9/2020 - 0:45:43.778 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\npmproxy.dll | |
| 8/9/2020 - 0:45:43.778 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\npmproxy.dll | |
| 8/9/2020 - 0:45:43.825 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\FWPUCLNT.DLL | |
| 8/9/2020 - 0:45:43.825 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\FWPUCLNT.DLL | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wininet.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\bdif.exe.Local | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d | |
| 8/9/2020 - 0:45:43.981 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\WindowsShell.Manifest | |
| 8/9/2020 - 0:45:43.981 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\WindowsShell.Manifest | WindowsShell.Manifest |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\ws2_32.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\ws2_32.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WSHTCPIP.DLL | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WSHTCPIP.DLL | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\WSHTCPIP.DLL | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wship6.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wship6.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wship6.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:43.981 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wshqos.dll | |
| 8/9/2020 - 0:45:44.840 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wininet.dll | |
| 8/9/2020 - 0:45:44.840 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wininet.dll | |
| 8/9/2020 - 0:46:29.122 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:46:43.465 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\cmd.exe | |
| 8/9/2020 - 0:46:43.465 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\cmd.exe | |
| 8/9/2020 - 0:46:43.465 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.465 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.465 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ | |
| 8/9/2020 - 0:46:43.653 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.653 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.653 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\ui\SwDRM.dll | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ProgramData\1321ba6d1f\REG.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Monitor\REG.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ | |
| 8/9/2020 - 0:46:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\ | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Unknown | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.668 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.668 | Read | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\reg.exe | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf | |
| 8/9/2020 - 0:46:43.731 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf | CMD.EXE-AC113AA8.pf |
| 8/9/2020 - 0:46:43.731 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf | CMD.EXE-AC113AA8.pf |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | \Device\HarddiskVolume2 | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32 | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32 | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32 | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Temp | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Temp | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Temp | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\ntdll.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\ntdll.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\kernel32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\kernel32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\kernel32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\kernel32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\user32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\user32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\ntdll.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\ntdll.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\apisetschema.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\apisetschema.dll | apisetschema.dll |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\KernelBase.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\KernelBase.dll | KernelBase.dll |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\locale.nls | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\locale.nls | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msvcrt.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msvcrt.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\user32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\user32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\gdi32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\gdi32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\lpk.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\lpk.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\usp10.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\usp10.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\advapi32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\advapi32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\rpcrt4.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\rpcrt4.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sspicli.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sspicli.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cryptbase.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cryptbase.dll | cryptbase.dll |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msctf.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msctf.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\BOOTSECT.EXE | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:43.731 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:43.731 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Temp\TMP000000032EDF9B37C5E17B29 | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\locale.nls | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\BOOTSECT.EXE | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Temp\TMP000000032EDF9B37C5E17B29 | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.747 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\ntdll.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\kernel32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\kernel32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\user32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\ntdll.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\apisetschema.dll | apisetschema.dll |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\KernelBase.dll | KernelBase.dll |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msvcrt.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\user32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\gdi32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\lpk.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\usp10.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\advapi32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\rpcrt4.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sspicli.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cryptbase.dll | cryptbase.dll |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\msctf.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | \Device\HarddiskVolume2 | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\System32\wow64log.dll | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.747 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.747 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:43.762 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\ui\SwDRM.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\Prefetch\REG.EXE-4978446A.pf | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\System32\wow64log.dll | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.840 | Unknown | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows | |
| 8/9/2020 - 0:46:43.840 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\winbrand.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.28 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\cmd.exe | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\ | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\ | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.28 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\apphelp.dll | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\AppPatch\sysmain.sdb | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\ | |
| 8/9/2020 - 0:46:44.43 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\ | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.43 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64 | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.43 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.43 | Read | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.43 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.43 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.43 | Open | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows\SysWOW64\ui\SwDRM.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | |
| 8/9/2020 - 0:46:44.59 | Unknown | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:46:44.59 | Open | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui | |
| 8/9/2020 - 0:46:44.59 | Unknown | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.59 | Unknown | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.59 | Unknown | 1592 | C:\Windows\SysWOW64\reg.exe | C:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui | KernelBase.dll.mui |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\Prefetch\SCHTASKS.EXE-AD598958.pf | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64win.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64cpu.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\System32\wow64log.dll | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.59 | Unknown | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows | |
| 8/9/2020 - 0:46:44.59 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Monitor | |
| 8/9/2020 - 0:46:44.75 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.75 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.75 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.75 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\sechost.dll | |
| 8/9/2020 - 0:46:44.75 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\ktmw32.dll | |
| 8/9/2020 - 0:46:44.75 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\ktmw32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\imm32.dll | |
| 8/9/2020 - 0:46:44.90 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.90 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\version.dll | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\version.dll | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | |
| 8/9/2020 - 0:46:44.153 | Unknown | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\Globalization\Sorting\SortDefault.nls | SortDefault.nls |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Read | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\schtasks.exe | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\rpcss.dll | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\rpcss.dll | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\uxtheme.dll | |
| 8/9/2020 - 0:46:44.153 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\uxtheme.dll | |
| 8/9/2020 - 0:46:44.340 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\taskschd.dll | |
| 8/9/2020 - 0:46:44.340 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\taskschd.dll | |
| 8/9/2020 - 0:46:44.434 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\xmllite.dll | |
| 8/9/2020 - 0:46:44.434 | Open | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows\SysWOW64\xmllite.dll | |
| 8/9/2020 - 0:46:45.981 | Unknown | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Windows | |
| 8/9/2020 - 0:46:45.981 | Unknown | 3032 | C:\Windows\SysWOW64\schtasks.exe | C:\Monitor | |
| 8/9/2020 - 0:46:46.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Windows | |
| 8/9/2020 - 0:46:46.28 | Unknown | 1528 | C:\Windows\SysWOW64\cmd.exe | C:\Monitor | |
| 8/9/2020 - 0:47:14.215 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:47:56.340 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\netprofm.dll | |
| 8/9/2020 - 0:47:56.340 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\netprofm.dll | |
| 8/9/2020 - 0:47:56.340 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\nlaapi.dll | |
| 8/9/2020 - 0:47:56.340 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\nlaapi.dll | |
| 8/9/2020 - 0:47:56.528 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\npmproxy.dll | |
| 8/9/2020 - 0:47:56.528 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\npmproxy.dll | |
| 8/9/2020 - 0:47:57.700 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wininet.dll | |
| 8/9/2020 - 0:47:57.700 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Windows\SysWOW64\wininet.dll | |
| 8/9/2020 - 0:47:59.309 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:48:44.418 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:49:29.622 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\cred.dll | |
| 8/9/2020 - 0:49:29.622 | Open | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | C:\Users\Behemot\AppData\Local\Temp\scr.dll |
Process
Trace
| 8/9/2020 - 0:45:43.262 | Create | 1480 | C:\malware.exe | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe |
| 8/9/2020 - 0:46:43.653 | Create | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | 1528 | C:\Windows\SysWOW64\cmd.exe |
| 8/9/2020 - 0:46:43.668 | Create | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | 1592 | C:\Windows\SysWOW64\reg.exe |
| 8/9/2020 - 0:46:44.43 | Create | 1528 | C:\Windows\SysWOW64\cmd.exe | 3032 | C:\Windows\SysWOW64\schtasks.exe |
| 8/9/2020 - 0:46:44.59 | Terminate | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | 1592 | C:\Windows\SysWOW64\reg.exe |
| 8/9/2020 - 0:46:45.981 | Terminate | 1528 | C:\Windows\SysWOW64\cmd.exe | 3032 | C:\Windows\SysWOW64\schtasks.exe |
| 8/9/2020 - 0:46:46.28 | Terminate | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | 1528 | C:\Windows\SysWOW64\cmd.exe |
Analysis
Reason
Timeout
Status
Sucessfully Executed
Results
1
Registry
Trace
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | ProxyBypass |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | IntranetName |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | UNCAsIntranet |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | AutoDetect |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | ProxyBypass |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | IntranetName |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | UNCAsIntranet |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap | AutoDetect |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable |
| 8/9/2020 - 0:45:43.481 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer |
| 8/9/2020 - 0:45:43.481 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyOverride |
| 8/9/2020 - 0:45:43.481 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoConfigURL |
| 8/9/2020 - 0:45:43.481 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings | AutoDetect |
| 8/9/2020 - 0:45:43.481 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | SavedLegacySettings |
| 8/9/2020 - 0:45:43.543 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content | CachePrefix |
| 8/9/2020 - 0:45:43.543 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies | CachePrefix |
| 8/9/2020 - 0:45:43.543 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History | CachePrefix |
| 8/9/2020 - 0:45:43.778 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:45:43.778 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:45:43.778 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:45:43.778 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecisionReason |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecisionTime |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecision |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadNetworkName |
| 8/9/2020 - 0:45:45.90 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDetectedUrl |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:45:45.90 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:45:45.90 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:45:45.90 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
| 8/9/2020 - 0:46:44.59 | Write | 1592 | C:\Windows\SysWOW64\reg.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders | Startup |
| 8/9/2020 - 0:47:56.528 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:47:56.528 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:47:56.528 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:47:56.528 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecisionReason |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecisionTime |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDecision |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadNetworkName |
| 8/9/2020 - 0:47:57.856 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{D8C667F4-C62D-460A-82E2-EC8687C3DC60} | WpadDetectedUrl |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:47:57.856 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionReason |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecisionTime |
| 8/9/2020 - 0:47:57.856 | Write | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDecision |
| 8/9/2020 - 0:47:57.856 | Delete | 1820 | C:\ProgramData\1321ba6d1f\bdif.exe | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-83-08-f3 | WpadDetectedUrl |
File Summary
Created
Identified: True check_circle
Deleted
Identified: False cancel
Process Summary
Created
Identified: True check_circle
Deleted
Identified: True check_circle
Registry Summary
Proxy
Identified: False cancel
AutoRun
Identified: False cancel
Created
Identified: True check_circle
Deleted
Identified: True check_circle
Browsers
Identified: False cancel
Internet
Identified: True check_circle
Loading...
DNS
Query
Response
TCP
Info
computer localhost:65193 arrow_forward help_outline 217.8.117.52:80computer localhost:65191 arrow_forward help_outline 217.8.117.52:80computer localhost:65199 arrow_forward help_outline 217.8.117.52:80computer localhost:65201 arrow_forward help_outline 217.8.117.52:80computer localhost:65192 arrow_forward help_outline 217.8.117.52:80computer localhost:65198 arrow_forward help_outline 217.8.117.52:80computer localhost:65194 arrow_forward help_outline 217.8.117.52:80computer localhost:65197 arrow_forward help_outline 217.8.117.52:80computer localhost:65200 arrow_forward help_outline 217.8.117.52:80computer localhost:65195 arrow_forward help_outline 217.8.117.52:80computer localhost:65196 arrow_forward help_outline 217.8.117.52:80
UDP
Info
computer localhost:68 arrow_forward help_outline 255.255.255.255:67computer localhost:67 arrow_forward computer localhost:68
HTTP
Info
Summary
DNS
False cancel
TCP
True check_circle
UDP
True check_circle
HTTP
False cancel
Results
BINARY
NFS 2.0 (Threshold = 0.8)
confidence: 55.00%suspicious: True check_circle
Decision Tree (NFS-BRMalware)
confidence: 100.00%suspicious: True check_circle
MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 97.13%suspicious: True check_circle
Random Forest (100 estimators, NFS-BRMalware)
confidence: 78.00%suspicious: False cancel
Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 49.73%suspicious: True check_circle
LightGDM (Ember: File Characteristics, Threshold=0.8336)
confidence: 90.35%suspicious: True check_circle