Report #5625 check_circle

  • Creation Date: Feb. 11, 2020, 5:58 p.m.
  • Last Update: Feb. 11, 2020, 8:18 p.m.
  • File: 268.exe
  • Results:
Binary
DLL
False cancel
Size
1.69MB
trid
41.0% Win32 Executable MS Visual C++
36.3% Win64 Executable
8.6% Win32 Dynamic Link Library
5.9% Win32 Executable
2.6% OS/2 Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
e384501d29dacc535c3bebb73b5f4af3
sha1
21e373aaf7c1d4c33e0067d6f1485393755d5e1b
crc32
0x215725b4
sha224
26ff6d4013aaf48c1061e9e5de9289ae181ea48d163417d29e123521
sha256
22fda8d4257211d907265acc0c393776b3808b594fa8c0616f8a8414ce610380
sha384
1dff8a37aeba231fefbb32805fd85cd37b330de41ab9472c6f4e561c61499f4243322193379a897dc71fe7329fff32be
sha512
0bf38f8042f30ea39c42383fc500b4404e92b446230e15a7dd4e35f1ac28bb7746b05d08a4a3f6c7f6083de65b28208244a3117a653eecdcc2cfbf4b941fb558
ssdeep
49152:9ffMLXVa7O5hjz/SKiaxubOUrDSLpVy94ZGsNnHhUl9Ox:xQfX/SK2OEunyEBQ9Ox
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
maldoc_getEIP_method_1, domain, IP, win_private_profile, ThreadControl__Context, HasRichSignature, HasTaggantSignature, ASProtect_v132, RijnDael_AES, win_files_operation, IsPE32, FSG_v110_Eng_dulekxt_, screenshot, win_hook, contentis_base64, keylogger, VirtualPC_Detection, IsPacked, maldoc_find_kernel32_base_method_1, DebuggerCheck__RemoteAPI, vmdetect, IsWindowsGUI, DebuggerHiding__Thread, anti_dbg, FSG_v110_Eng_dulekxt_Microsoft_Visual_C_Basic_NET, win_registry, url, HasOverlay, MD5_Constants, Big_Numbers1

Suspicious
True check_circle

Strings
List
(http://www.dywt.com.cn)
support@safengine.com
support@safengine.com
ehttp://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsEngineersIncIEEERootCA.crl0
TB.CA
R.TH
E.tw
Lhttp://pki-crl.symauth.com/ca_3e5451d77b370c64c3bd39d10f35bd21/LatestCRL.crl07
l.aU
-.to
B.hr
8.Nu
p.az
p.az
MSVFW32.dll
COMCTL32.dll
COMCTL32.dll
MSIMG32.dll
MSIMG32.dll
4MSVFW32.dll
AVIFIL32.dll
AVIFIL32.dll
4'NWINMM.dll
0WS2_32.dll
!n.adk
WS2_32.dll
mscorwks.dll
mscorsvr.dll
mscoreei.dll
WINMM.dll
iphlpapi.dll
1.0.0.0
1.0.0.0
KernelBase.dll
ntdll.dll
hid.dll
clr.dll
diasymreader.dll
shielden_user@safengine.com0]
&%,"59
shielden_user@safengine.com1
%/HPA*
Ax*sAo(%/
<];}
\sFh
rty.
erm|O
W&ova
erm|O
c&ova
FA3R
EG\7%s.
9fDTn
Sh{&|%n"
52i%a
T%g=~Sm
<r%%n
%#n'!h
a%t%f
`R%nl
D%E#]
%AR?A
'|R%e
%pH?a
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity name="E.App" processorArchitecture="x86" version="5.2.0.0" type="win32"/><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="x86" publicKeyToken="6595b64144ccf1df" language="*" /></dependentAssembly></dependency></assembly>
nOfD
RSfD
gTs%f
hGlobalDeleteAtom
N%gOV
g%tda
"2 |La |La |La[`@a%|LaOcGa)|LaOcFa&|Lavc_a
SEGetProtectionDate
SECheckProtection
mscoree.dll
_wcsnicmp
_wcsnicmp
_wcsnicmp
_wcsicmp
_wcsicmp
_wcsicmp
Safengine Shielden v2.4.0.0
}DNsR
6GetCPInfo
~I.Gm
x.gfe
SEGetExecTimeLeft
SEGetNumExecLeft
SEGetNumExecUsed
SESetTotalExecTime
SESetNumExecUsed
SEGetExecTimeUsed
GetProcAddress
GetProcAddress
SESetExecTime
SECheckExecTime
ExitProcess
ExitProcess
bFlushFileBuffers
CallNextHookEx

Foremost
Matches
0.exe, 1 MB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: True check_circle
Suspicious: http://www.dywt.com.cn), http://pki-ocsp.symauth.com0, http://pki-crl.symauth.com/ca_3e5451d77b370c64c3bd39d10f35bd21/latestcrl.crl07, http://pki-crl.symauth.com/offlineca/theinstituteofelectricalandelectronicsengineersincieeerootca.crl0
hasAllowed: False cancel
hasSuspicious: True check_circle

Files
Allowed: ADVAPI32.dll, hid.dll, 0WS2_32.dll, MSVCRT.dll, mscorwks.dll, user32.dll, SHELL32.dll, WS2_32.dll, PSAPI.DLL, GDI32.dll, mscoree.dll, clr.dll, 4MSVFW32.dll, 4'NWINMM.dll, mscoreei.dll, AVIFIL32.dll, MSIMG32.dll, COMCTL32.dll, MSVFW32.dll, diasymreader.dll, KERNEL32.dll, IPHLPAPI.DLL, WINMM.dll, mscorsvr.dll, OLEAUT32.dll, comdlg32.dll, ole32.dll, ntdll.dll, KernelBase.dll
hasFiles: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 0
Suspicious: True check_circle
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 4096
Suspicious: False cancel
Headers
Headers: 4096
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 1830713
Suspicous: False cancel

Sections
Allowed: .text, .sedata, .idata, .rsrc, .sedata
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 4
Suspicious: False cancel
Image
Version: True check_circle
Suspicious: 4
Linker
Version: 6.0
Suspicious: False cancel
Subsystem
Version: 5.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 2593111
Suspicious: False cancel

Anomalies
Anomalies
hasAnomalies: False cancel

Libraries
Allowed: advapi32.dll, hid.dll, msvcrt.dll, user32.dll, shell32.dll, ws2_32.dll, psapi.dll, gdi32.dll, mscoree.dll, clr.dll, mscoreei.dll, avifil32.dll, msimg32.dll, comctl32.dll, msvfw32.dll, diasymreader.dll, kernel32.dll, winmm.dll, oleaut32.dll, comdlg32.dll, ole32.dll, ntdll.dll, kernelbase.dll
hasLibs: True check_circle
Suspicious: 0ws2_32.dll, mscorwks.dll, 4msvfw32.dll, 4'nwinmm.dll, iphlpapi.dll, mscorsvr.dll
hasAllowed: True check_circle
hasSuspicious: True check_circle

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2019-07-17 09:02:47
Future: False cancel

Compilation
Packed: False cancel
Missing: True check_circle
Packers
Compiled: False cancel
Compilers

Obfuscation
XOR: False cancel
Fuzzing: False cancel

PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
ldr
.sedata: 1

pushret
.text: 364
.sedata: 798

pushpopmath
.text: 208
.sedata: 136

sizeofimage
.sedata: 1

ss register
.text: 2
.sedata: 15

garbagebytes
.text: 136
.sedata: 510

hookdetection
.text: 19
.sedata: 16

software breakpoint
.text: 16
.sedata: 9

fakeconditionaljumps
.text: 10
.sedata: 30

programcontrolflowchange
.text: 126
.sedata: 482

cpuinstructionsresultscomparison
.rsrc: 2
.sedata: 9

AVclass
noobyprotect
1
VirusTotal
md5
e384501d29dacc535c3bebb73b5f4af3
sha1
21e373aaf7c1d4c33e0067d6f1485393755d5e1b
SCANS (DETECTION RATE = 78.57%)
AVG
result: FileRepMalware
update: 20190822
version: 18.4.3895.0
detected: True check_circle

CMC
update: 20190321
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=100)
update: 20190822
version: 2018.9.12.1
detected: True check_circle

APEX
result: Malicious
update: 20190819
version: 5.53
detected: True check_circle

Bkav
update: 20190821
version: 1.3.0.10239
detected: False cancel

K7GW
result: Trojan ( 005239691 )
update: 20190821
version: 11.63.31804
detected: True check_circle

ALYac
result: Gen:Variant.Strictor.197493
update: 20190821
version: 1.1.1.5
detected: True check_circle

Avast
result: FileRepMalware
update: 20190822
version: 18.4.3895.0
detected: True check_circle

Avira
result: TR/RedCap.wukbm
update: 20190821
version: 8.3.3.8
detected: True check_circle

Baidu
update: 20190318
version: 1.0.0.2
detected: False cancel

Cyren
result: W32/S-e743b39f!Eldorado
update: 20190822
version: 6.2.0.1
detected: True check_circle

DrWeb
result: Trojan.DownLoader29.46114
update: 20190822
version: 7.0.41.7240
detected: True check_circle

GData
result: Win32.Application.PUPStudio.B
update: 20190822
version: A:25.23142B:26.15847
detected: True check_circle

Panda
result: Trj/CI.A
update: 20190821
version: 4.6.4.2
detected: True check_circle

VBA32
result: Trojan.Downloader
update: 20190821
version: 4.0.0
detected: True check_circle

VIPRE
update: 20190821
version: 77324
detected: False cancel

Zoner
update: 20190821
version: 1.0.0.1
detected: False cancel

ClamAV
result: Win.Malware.Noobyprotect-6622929-0
update: 20190821
version: 0.101.4.0
detected: True check_circle

Comodo
result: TrojWare.Win32.Agent.OSCF@5rs7jr
update: 20190821
version: 31356
detected: True check_circle

F-Prot
result: W32/S-e743b39f!Eldorado
update: 20190822
version: 4.7.1.166
detected: True check_circle

Ikarus
result: PUA.NoobyProtect
update: 20190821
version: 0.1.5.2
detected: True check_circle

McAfee
result: Packed-LF!E384501D29DA
update: 20190822
version: 6.0.6.653
detected: True check_circle

Rising
result: Trojan.Generic!8.C3 (TFE:5:2fk5jPdC6eU)
update: 20190822
version: 25.0.0.24
detected: True check_circle

Sophos
result: Mal/Generic-S
update: 20190821
version: 4.98.0
detected: True check_circle

Yandex
result: Riskware.NoobyProtect!
update: 20190821
version: 5.5.2.24
detected: True check_circle

Zillya
update: 20190820
version: 2.0.0.3882
detected: False cancel

Acronis
result: suspicious
update: 20190820
version: 1.0.1.51
detected: True check_circle

Alibaba
result: Packed:Win32/NoobyProtect.70e1f6bf
update: 20190527
version: 0.3.0.5
detected: True check_circle

Arcabit
result: Trojan.Strictor.D30375
update: 20190821
version: 1.0.0.856
detected: True check_circle

Cylance
result: Unsafe
update: 20190822
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (high confidence)
update: 20190819
version: 3.0.14
detected: True check_circle

FireEye
result: Generic.mg.e384501d29dacc53
update: 20190821
version: 29.7.0.0
detected: True check_circle

TACHYON
update: 20190822
version: 2019-08-22.01
detected: False cancel

Tencent
update: 20190822
version: 1.0.0.1
detected: False cancel

ViRobot
update: 20190821
version: 2014.3.20.0
detected: False cancel

Webroot
result: W32.Malware.Gen
update: 20190822
version: 1.0.0.403
detected: True check_circle

eGambit
result: Unsafe.AI_Score_77%
update: 20190822
version: v4.3.6
detected: True check_circle

Ad-Aware
result: Gen:Variant.Strictor.197493
update: 20190821
version: 3.0.5.370
detected: True check_circle

AegisLab
result: Hacktool.Win32.Generic.m1qh
update: 20190821
version: 4.2
detected: True check_circle

Emsisoft
result: Gen:Variant.Strictor.197493 (B)
update: 20190822
version: 2018.12.0.1641
detected: True check_circle

F-Secure
result: Trojan.TR/RedCap.wukbm
update: 20190822
version: 12.0.86.52
detected: True check_circle

Fortinet
result: W32/Injector.FKM!tr
update: 20190822
version: 5.4.247.0
detected: True check_circle

Invincea
result: heuristic
update: 20190717
version: 6.3.6.26157
detected: True check_circle

Jiangmin
update: 20190821
version: 16.0.100
detected: False cancel

Kingsoft
update: 20190822
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20190822
version: 1.0
detected: True check_circle

Symantec
result: Trojan.Gen.MBT
update: 20190821
version: 1.10.0.0
detected: True check_circle

Trapmine
result: malicious.high.ml.score
update: 20190522
version: 3.1.62.789
detected: True check_circle

AhnLab-V3
result: Trojan/Win32.Generic.C3275379
update: 20190821
version: 3.16.0.24856
detected: True check_circle

Antiy-AVL
result: Trojan/Win32.Wacatac
update: 20190821
version: 3.0.0.1
detected: True check_circle

Kaspersky
update: 20190822
version: 15.0.1.13
detected: False cancel

MaxSecure
result: Trojan.Malware.300983.susgen
update: 20190803
version: 1.0.0.1
detected: True check_circle

Microsoft
result: Trojan:Win32/Wacatac.B!ml
update: 20190822
version: 1.1.16200.1
detected: True check_circle

Qihoo-360
result: HEUR/QVM18.1.9555.Malware.Gen
update: 20190822
version: 1.0.0.1120
detected: True check_circle

ZoneAlarm
update: 20190822
version: 1.0
detected: False cancel

Cybereason
result: malicious.d29dac
update: 20190616
version: 1.2.449
detected: True check_circle

ESET-NOD32
result: a variant of Win32/Packed.NoobyProtect.H suspicious
update: 20190822
version: 19894
detected: True check_circle

TrendMicro
result: TROJ_GEN.R002C0PGH19
update: 20190822
version: 11.0.0.1006
detected: True check_circle

BitDefender
result: Gen:Variant.Strictor.197493
update: 20190821
version: 7.2
detected: True check_circle

CrowdStrike
result: win/malicious_confidence_100% (W)
update: 20190212
version: 1.0
detected: True check_circle

K7AntiVirus
result: Trojan ( 005239691 )
update: 20190821
version: 11.63.31802
detected: True check_circle

SentinelOne
result: DFI - Malicious PE
update: 20190807
version: 1.0.31.22
detected: True check_circle

Avast-Mobile
update: 20190821
version: 190821-04
detected: False cancel

Malwarebytes
result: PUP.Optional.ChinAd
update: 20190822
version: 2.1.1.1115
detected: True check_circle

CAT-QuickHeal
result: Trojan.Mauvaise.SL1
update: 20190821
version: 14.00
detected: True check_circle

NANO-Antivirus
result: Trojan.Win32.Strictor.ftjddr
update: 20190822
version: 1.0.134.24859
detected: True check_circle

MicroWorld-eScan
result: Gen:Variant.Strictor.197493
update: 20190822
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20190816
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: BehavesLike.Win32.Generic.tc
update: 20190821
version: v2017.3010
detected: True check_circle

TrendMicro-HouseCall
result: TROJ_GEN.R002C0PGH19
update: 20190821
version: 10.0.0.1040
detected: True check_circle

total
70
sha256
22fda8d4257211d907265acc0c393776b3808b594fa8c0616f8a8414ce610380
scan_id
22fda8d4257211d907265acc0c393776b3808b594fa8c0616f8a8414ce610380-1566435158
resource
e384501d29dacc535c3bebb73b5f4af3
positives
55
scan_date
2019-08-22 00:52:38
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
11/2/2020 - 19:45:43.856Open1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Open1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.856Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.872Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.887Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:43.903Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.43Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.59Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.75Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.137Read1480C:\malware.exeC:\Windows\SysWOW64\ntdll.dll
11/2/2020 - 19:45:44.231Open1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dll
11/2/2020 - 19:45:44.231Unknown1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Open1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.231Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.247Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.262Read1480C:\malware.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
11/2/2020 - 19:45:44.356Open1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Open1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.356Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.372Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.387Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.403Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.418Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.512Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.528Read1480C:\malware.exeC:\Windows\SysWOW64\kernel32.dll
11/2/2020 - 19:45:44.622Open1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.622Open1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.622Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.622Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.622Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.637Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.653Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.668Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.684Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.700Read1480C:\malware.exeC:\Windows\SysWOW64\user32.dll
11/2/2020 - 19:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.731Open1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.731Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.731Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.731Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.809Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.825Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.840Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:44.918Read1480C:\malware.exeC:\Windows\SysWOW64\advapi32.dll
11/2/2020 - 19:45:45.12Open1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Open1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.12Read1480C:\malware.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
11/2/2020 - 19:45:45.497Open1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:45.497Unknown1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:45.497Open1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:45.497Read1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
11/2/2020 - 19:45:46.715Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
11/2/2020 - 19:45:46.793Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
11/2/2020 - 19:45:46.793Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
11/2/2020 - 19:45:46.793Open1480C:\malware.exeC:\Monitor\Malware
11/2/2020 - 19:45:46.793Unknown1480C:\malware.exeC:\Monitor
11/2/2020 - 19:45:46.872Open1480C:\malware.exeC:\dwmapi.dll
11/2/2020 - 19:45:46.872Open1480C:\malware.exeC:\Windows\SysWOW64\dwmapi.dll
11/2/2020 - 19:45:46.872Open1480C:\malware.exeC:\Windows\SysWOW64\dwmapi.dll
11/2/2020 - 19:45:46.887Open1480C:\malware.exeC:\
11/2/2020 - 19:45:46.887Open1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:46.887Read1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:46.887Read1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:46.950Read1480C:\malware.exeC:\malware.exe
11/2/2020 - 19:45:46.997Open1480C:\malware.exeC:\DCIMAN32.DLL
11/2/2020 - 19:45:46.997Open1480C:\malware.exeC:\Windows\SysWOW64\dciman32.dll
11/2/2020 - 19:45:47.43Open1480C:\malware.exeC:\Windows\SysWOW64\dciman32.dll
11/2/2020 - 19:45:47.340Open1480C:\malware.exeC:\Windows\Fonts\StaticCache.dat
11/2/2020 - 19:45:47.340Read1480C:\malware.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
11/2/2020 - 19:45:47.340Open1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nls
11/2/2020 - 19:45:47.340Unknown1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\malware.exe.Local
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.434Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll.Config
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\Windows\SysWOW64\uxtheme.dll
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\malware.exe.Local
11/2/2020 - 19:45:47.434Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.450Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.450Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.450Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
11/2/2020 - 19:45:47.450Open1480C:\malware.exeC:\Windows\Fonts\arial.ttf
11/2/2020 - 19:45:47.450Open1480C:\malware.exeC:\Windows\Fonts\arial.ttf
11/2/2020 - 19:45:47.512Open1480C:\malware.exeC:\Windows\SysWOW64\RTDriver.sys
11/2/2020 - 19:45:47.512Open1480C:\malware.exeC:\Kernel32.dll
11/2/2020 - 19:45:47.512Open1480C:\malware.exeC:\Kernel32.dll
11/2/2020 - 19:45:47.512Open1480C:\malware.exeC:\Windows\System32
11/2/2020 - 19:45:47.512Unknown1480C:\malware.exeC:\Windows\System32
11/2/2020 - 19:45:47.512Open1480C:\malware.exeC:\
11/2/2020 - 19:45:47.512Unknown1480C:\malware.exeC:\
11/2/2020 - 19:45:47.575Open1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:47.575Write1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:47.575Unknown1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:47.918Open1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:47.918Unknown1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:47.918Unknown1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:48.887Open1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:48.887Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
11/2/2020 - 19:45:48.887Delete1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:48.887Unknown1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:48.887Unknown1480C:\malware.exeC:\Windows\System32\RTDriver.sys
11/2/2020 - 19:45:48.887Open1480C:\malware.exeC:\kernel32.dll
11/2/2020 - 19:45:48.887Open1480C:\malware.exeC:\kernel32.dll
11/2/2020 - 19:45:48.887Open1480C:\malware.exeC:\Windows\System32\C_936.NLS
11/2/2020 - 19:45:48.981Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
11/2/2020 - 19:45:48.981Open1480C:\malware.exeC:\Windows\SysWOW64\mswsock.dll
11/2/2020 - 19:45:48.981Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/2/2020 - 19:45:48.981Open1480C:\malware.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
11/2/2020 - 19:46:31.12Open1480C:\malware.exeC:\Windows\SysWOW64\ole32.dll
11/2/2020 - 19:46:31.28Open1480C:\malware.exeC:\Windows\SysWOW64\ole32.dll

Process
Trace

Analysis
Reason
Timeout

Status
Sucessfully Executed

Results
1

Registry
Trace
11/2/2020 - 19:45:47.278Write1480C:\malware.exeHKCU\Software\Microsoft\Multimedia\DrawDib 800x600x32(BGR 0)
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriverDisplayName
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriverErrorControl
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriverImagePath
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriverStart
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriverType
11/2/2020 - 19:45:48.247Write1480C:\malware.exe\REGISTRY\MACHINE\SYSTEM\ControlSet001\services\RTDriver\SecuritySecurity

File Summary
Created
Identified: True check_circle

Deleted
Identified: True check_circle

Process Summary
Created
Identified: False cancel

Deleted
Identified: False cancel

Registry Summary
Proxy
Identified: False cancel

AutoRun
Identified: False cancel

Created
Identified: True check_circle

Deleted
Identified: False cancel

Browsers
Identified: False cancel

Internet
Identified: False cancel

Loading...

DNS
Query
computer localhost arrow_forward computer gateway:50273 code dns.msftncsi.com.
computer localhost arrow_forward computer gateway:DNS code dns.msftncsi.com.

Response
computer gateway:DNS arrow_forward computer localhost code dns.msftncsi.com. reply_all 131.107.255.255


TCP
Info
computer localhost:65191 arrow_forward 23.27.127.71:2019
computer localhost:65192 arrow_forward 23.27.127.143:2019

UDP
Info
computer localhost:53 arrow_forward computer localhost:55394
computer localhost:55394 arrow_forward computer localhost:53
computer localhost:50273 arrow_forward computer localhost:53
computer localhost:53 arrow_forward computer localhost:50273

HTTP
Info

Summary
DNS
True check_circle

TCP
True check_circle

UDP
True check_circle

HTTP
False cancel

Results
BINARY
KNN (K=3, NFS-BRMalware)
confidence: 100.00%
suspicious: False cancel

Decision Tree (NFS-BRMalware)
confidence: 100.00%
suspicious: False cancel

SVC (Kernel=Linear, NFS-BRMalware)
confidence: 89.99%
suspicious: False cancel

MalConv (Ember: Raw Bytes, Threshold=0.5)
confidence: 82.58%
suspicious: False cancel

Random Forest (100 estimators, NFS-BRMalware)
confidence: 73.00%
suspicious: True check_circle

Non-Negative MalConv (Ember: Raw Bytes, Threshold=0.35)
confidence: 50.37%
suspicious: True check_circle

LightGDM (Ember: File Characteristics, Threshold=0.8336)
confidence: 100.00%
suspicious: True check_circle

Add to Collection
Download