Report #8712 check_circle

  • Creation Date: March 5, 2020, 2:52 p.m.
  • Last Update: March 5, 2020, 9:21 p.m.
  • File: DiagnosticoBB.exe
  • Results:
Binary
DLL
False cancel
Size
27.50KB
trid
48.4% Generic CIL Executable
20.6% Win32 Executable MS Visual C++
18.2% Win64 Executable
4.3% Win32 Dynamic Link Library
2.9% Win32 Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
bf3e89c8b41cd43d6caec5ae94273d52
sha1
c3e8d8804fcf72082cd267b9eac1ba5e9de7c7b3
crc32
0x44bc2c17
sha224
94df6758b7328b92e35280c3de5a996f2cf29453acb1482274ae1dad
sha256
d02ac2f09e80c969837bfa05900a6e8f332be958cb16dc02fc7cf63d9b29150e
sha384
f1d8b0af39532c33405c59749a89a9a7e4fa35724ba59622bf2ddbf08960a3901c6ab17b12849918c0b8cba07e80378d
sha512
509506affc3865bb3cb7d55ba3b79e65b9febe0f81a4b1f346b09ce7b928188cea3c0aaab8a4cf9c30c1a7ab89f09055427ead13b34eac1eea37c6941979feb5
ssdeep
768:O3x4VTZkNeqZL4gDwK0Wca9kKQamS4KA:HVkNeWcDAca9kKQ9S0
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
NET_executable, System_Tools, Microsoft_Visual_C_v70_Basic_NET, Microsoft_Visual_Studio_NET_additional, IP, IsNET_EXE, NETexecutableMicrosoft, Microsoft_Visual_C_Basic_NET, Microsoft_Visual_Studio_NET, contentis_base64, HasDebugData, Browsers, NET_executable_, domain, IsPE32, Microsoft_Visual_C_v70_Basic_NET_additional, IsWindowsGUI

Suspicious
True check_circle

Strings
List
System.Net.Security
C:\Users\snes x86\Documents\Visual Studio 2008\Projects\WindowsApplication1\WindowsApplication1\obj\Release\WindowsApplication1.pdb
My.Computer
System.IO
System.Net
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
WindowsApplication1.My
System.ComponentModel.Design
\Internet Explorer\iexplore.exe
iexplore.exe
explorer.exe
System.Net.Sockets
System.Security.Cryptography.X509Certificates
System.Security.Cryptography
System.Security.AccessControl
4System.Web.Services.Protocols.SoapHttpClientProtocol
SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
\gbclass10.dll
1.0.0.0
1.0.0.0
1.0.0.0
1.0.0.0
RegSvr32.exe /s
WindowsApplication1.My.Resources
8.0.0.0
2.0.0.0
9.0.0.0
System.Windows.Forms.Form
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
3System.Resources.Tools.StronglyTypedResourceBuilder
pass
System.Windows.Forms
HKEY_CLASSES_ROOT
HKEY_LOCAL_MACHINE
WindowsApplication1.exe
WindowsApplication1.exe
WindowsApplication1.exe
SOFTWARE\\Classes\\CLSID\\
SW_HIDE
mscoree.dll
get_UserName
Registra_BHO
get_ResourceManager
SslPolicyErrors
sslPolicyErrors
TcpClient
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
AddFileSecurity
IsHost64Bit
ServerComputer
DebuggerHiddenAttribute
5C496E70726F635365727665723332
FileSecurity
546872656164696E674D6F64656C
736E78686B2E646C6C
NetworkStream
dns=
534F4654574152455C5C4D6963726F736F66745C5C57696E646F77735C5C43757272656E7456657273696F6E5C5C52756E
RegistrySecurity
ClassesRoot
DebuggableAttribute
HKEY_CURRENT_USER
DebuggingModes
RegistryAccessRule
ResourceManager
RegistryKey
FileSystemSecurity
534F4654574152455C4D6963726F736F66745C57696E646F77735C43757272656E7456657273696F6E5C4578706C6F7265725C42726F777365722048656C706572204F626A656374735C
ServicePointManager
DebuggerStepThroughAttribute
Registry
SocketStream
username
ShutDown
LocalMachine
internet
m_FormBeingCreated
AES_Decrypt
AES_Encrypt
GetModuleHandleA
nCmdShow
RegistryRights
PROCESSOR_ARCHITECTURE
Hashtable
ComputeHash
windir
Sleep
HashAlgorithm
RijndaelManaged
CipherMode
CreateEncryptor
GetHashCode
CreateDecryptor
Shell
ICryptoTransform
$7be9de85-14d6-411a-b76e-95599e299538
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
Crypt
DebuggerNonUserCodeAttribute
HideModuleNameAttribute

Foremost
Matches
0.exe, 27 KB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: False cancel
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

Files
Allowed: \gbclass10.dll, user32.dll, mscoree.dll, kernel32.dll
hasFiles: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 4096
Suspicious: False cancel
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 4096
Suspicious: False cancel
Headers
Headers: 1024
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 0
Suspicous: True check_circle

Sections
Allowed: .text, .sdata, .rsrc, .reloc
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 4
Suspicious: False cancel
Image
Version: True check_circle
Suspicious: 4
Linker
Version: 8.0
Suspicious: False cancel
Subsystem
Version: 4.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 30846
Suspicious: False cancel

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True check_circle

Libraries
Allowed: user32.dll, mscoree.dll, kernel32.dll
hasLibs: True check_circle
Suspicious: \gbclass10.dll
hasAllowed: True check_circle
hasSuspicious: True check_circle

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2015-08-17 17:17:07
Future: False cancel

Compilation
Packed: False cancel
Missing: False cancel
Packers
Compiled: True check_circle
Compilers: Microsoft Visual C# / Basic .NET, Microsoft Visual Studio .NET, .NET executable, Microsoft Visual C# v7.0 / Basic .NET

Obfuscation
XOR: False cancel
Fuzzing: True check_circle

PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
pushpopmath
.text: 5

cpuinstructionsresultscomparison
.text: 5

AVclass
banload
1
VirusTotal
md5
bf3e89c8b41cd43d6caec5ae94273d52
sha1
c3e8d8804fcf72082cd267b9eac1ba5e9de7c7b3
SCANS (DETECTION RATE = 70.77%)
AVG
result: MSIL:Banker-DC [Trj]
update: 20180323
version: 18.2.3827.0
detected: True check_circle

CMC
update: 20180323
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=88)
update: 20180323
version: 2017.11.15.1
detected: True check_circle

Bkav
update: 20180322
version: 1.3.0.9466
detected: False cancel

K7GW
result: Trojan ( 700000121 )
update: 20180323
version: 10.42.26597
detected: True check_circle

ALYac
result: Trojan.GenericKD.2656011
update: 20180323
version: 1.1.1.5
detected: True check_circle

Avast
result: MSIL:Banker-DC [Trj]
update: 20180323
version: 18.2.3827.0
detected: True check_circle

Avira
result: TR/Downloader.A.26607
update: 20180323
version: 8.3.3.6
detected: True check_circle

Baidu
result: Win32.Trojan.WisdomEyes.16070401.9500.9857
update: 20180323
version: 1.0.0.2
detected: True check_circle

Cyren
result: W32/Trojan.ZEJF-2538
update: 20180323
version: 5.4.30.7
detected: True check_circle

DrWeb
result: Trojan.DownLoader15.50285
update: 20180323
version: 7.0.28.2020
detected: True check_circle

GData
result: Trojan.GenericKD.2656011
update: 20180323
version: A:25.16481B:25.11861
detected: True check_circle

Panda
result: Trj/CI.A
update: 20180323
version: 4.6.4.2
detected: True check_circle

VBA32
result: TrojanBanker.BHO
update: 20180323
version: 3.12.28.0
detected: True check_circle

VIPRE
result: Trojan.Win32.Generic!BT
update: 20180323
version: 65478
detected: True check_circle

Zoner
update: 20180323
version: 1.0
detected: False cancel

AVware
result: Trojan.Win32.Generic!BT
update: 20180323
version: 1.5.0.42
detected: True check_circle

ClamAV
update: 20180323
version: 0.99.2.0
detected: False cancel

Comodo
result: UnclassifiedMalware
update: 20180323
version: 28732
detected: True check_circle

F-Prot
update: 20180323
version: 4.7.1.166
detected: False cancel

Ikarus
result: Trojan-Downloader.MSIL.Banload
update: 20180323
version: 0.1.5.2
detected: True check_circle

McAfee
result: Trojan-FKMM!BF3E89C8B41C
update: 20180323
version: 6.0.6.653
detected: True check_circle

Rising
update: 20180323
version: 25.0.0.1
detected: False cancel

Sophos
result: Troj/Banloa-BZH
update: 20180323
version: 4.98.0
detected: True check_circle

Yandex
result: Trojan.DL.Banload!SBuV8SXGzwI
update: 20180323
version: 5.5.1.3
detected: True check_circle

Arcabit
result: Trojan.Generic.D28870B
update: 20180323
version: 1.0.0.831
detected: True check_circle

Cylance
result: Unsafe
update: 20180323
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (high confidence)
update: 20180316
version: 2.0.5
detected: True check_circle

Tencent
result: Win32.Trojan-banker.Bho.Phgo
update: 20180323
version: 1.0.0.1
detected: True check_circle

ViRobot
update: 20180323
version: 2014.3.20.0
detected: False cancel

eGambit
update: 20180323
version: v4.3.5
detected: False cancel

Ad-Aware
result: Trojan.GenericKD.2656011
update: 20180323
version: 3.0.3.1010
detected: True check_circle

AegisLab
result: Troj.Generickd!c
update: 20180323
version: 4.2
detected: True check_circle

Emsisoft
result: Trojan.GenericKD.2656011 (B)
update: 20180323
version: 4.0.2.899
detected: True check_circle

F-Secure
update: 20180323
version: 11.0.19100.45
detected: False cancel

Fortinet
result: MSIL/Banload.EB!tr.dldr
update: 20180323
version: 5.4.247.0
detected: True check_circle

Invincea
result: heuristic
update: 20180121
version: 6.3.4.26036
detected: True check_circle

Jiangmin
result: Trojan.Banker.BHO.bp
update: 20180323
version: 16.0.100
detected: True check_circle

Kingsoft
update: 20180323
version: 2013.8.14.323
detected: False cancel

Paloalto
result: generic.ml
update: 20180323
version: 1.0
detected: True check_circle

Symantec
result: Downloader
update: 20180323
version: 1.5.0.0
detected: True check_circle

nProtect
update: 20180323
version: 2018-03-23.02
detected: False cancel

AhnLab-V3
result: Downloader/Win32.Generic.C977538
update: 20180323
version: 3.12.0.20130
detected: True check_circle

Antiy-AVL
update: 20180323
version: 3.0.0.1
detected: False cancel

Kaspersky
result: Trojan-Banker.Win32.BHO.cei
update: 20180323
version: 15.0.1.13
detected: True check_circle

Microsoft
result: TrojanDownloader:MSIL/Banload
update: 20180323
version: 1.1.14600.4
detected: True check_circle

Qihoo-360
update: 20180323
version: 1.0.0.1120
detected: False cancel

TheHacker
update: 20180319
version: 6.8.0.5.2551
detected: False cancel

ZoneAlarm
result: Trojan-Banker.Win32.BHO.cei
update: 20180323
version: 1.0
detected: True check_circle

ESET-NOD32
result: a variant of MSIL/TrojanDownloader.Banload.EB
update: 20180323
version: 17106
detected: True check_circle

TrendMicro
result: TROJ_GEN.R002C0DBF18
update: 20180323
version: 9.862.0.1074
detected: True check_circle

WhiteArmor
update: 20180223
detected: False cancel

BitDefender
result: Trojan.GenericKD.2656011
update: 20180323
version: 7.2
detected: True check_circle

CrowdStrike
result: malicious_confidence_100% (W)
update: 20170201
version: 1.0
detected: True check_circle

K7AntiVirus
result: Trojan ( 700000121 )
update: 20180323
version: 10.42.26598
detected: True check_circle

SentinelOne
update: 20180225
version: 1.0.15.206
detected: False cancel

Avast-Mobile
update: 20180323
version: 180323-04
detected: False cancel

Malwarebytes
result: PUP.Optional.Amonetize
update: 20180323
version: 2.1.1.1115
detected: True check_circle

TotalDefense
update: 20180323
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
result: Trojan.BHO
update: 20180323
version: 14.00
detected: True check_circle

NANO-Antivirus
result: Trojan.Win32.Dwn.dvlzbw
update: 20180323
version: 1.0.100.22043
detected: True check_circle

MicroWorld-eScan
result: Trojan.GenericKD.2656011
update: 20180323
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20180323
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: Trojan-FKMM!BF3E89C8B41C
update: 20180323
version: v2015
detected: True check_circle

TrendMicro-HouseCall
result: TROJ_GEN.R002C0DBF18
update: 20180323
version: 9.950.0.1006
detected: True check_circle

total
65
sha256
d02ac2f09e80c969837bfa05900a6e8f332be958cb16dc02fc7cf63d9b29150e
scan_id
d02ac2f09e80c969837bfa05900a6e8f332be958cb16dc02fc7cf63d9b29150e-1521840416
resource
bf3e89c8b41cd43d6caec5ae94273d52
positives
46
scan_date
2018-03-23 21:26:56
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
5/3/2020 - 20:45:42.997Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:43.653Open1480C:\malware.exeC:\malware.exe.config
5/3/2020 - 20:45:43.653Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\fusion.localgac
5/3/2020 - 20:45:43.684Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config
5/3/2020 - 20:45:43.684Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch
5/3/2020 - 20:45:43.684Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config
5/3/2020 - 20:45:43.684Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nls
5/3/2020 - 20:45:43.778Unknown1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot
5/3/2020 - 20:45:43.778Unknown1480C:\malware.exeC:\Users\Behemot
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:45:43.778Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config
5/3/2020 - 20:45:43.778Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch
5/3/2020 - 20:45:43.965Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\index187.dat
5/3/2020 - 20:45:43.965Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dll
5/3/2020 - 20:45:43.965Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:43.997Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:43.997Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:43.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:44.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Monitor
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\Monitor
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Monitor\Malware
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\Monitor\Malware
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\ole32.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\CRYPTBASE.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\cryptbase.dll
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\cryptbase.dll
5/3/2020 - 20:45:45.90Unknown1480C:\malware.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:45:45.90Open1480C:\malware.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:45:45.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\malware.config
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.153Unknown1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\Monitor\Malware
5/3/2020 - 20:45:45.153Unknown1480C:\malware.exeC:\Monitor\Malware
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\Windows\System32\l_intl.nls
5/3/2020 - 20:45:45.153Open1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.153Unknown1480C:\malware.exeC:\malware.exe
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\malware.exe.Local
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:45:45.168Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:45:45.168Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\assembly\pubpol4.dat
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\assembly\GAC\PublisherPolicy.tme
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:45:45.184Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:45:45.184Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:45.184Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:45.372Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:45.372Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:45.418Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.418Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:45.418Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.465Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.512Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.559Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.606Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.653Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.700Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.747Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.793Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:45.793Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:45.793Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.840Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.887Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.934Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:45.981Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:46.28Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\VERSION.dll
5/3/2020 - 20:45:46.28Open1480C:\malware.exeC:\VERSION.dll
5/3/2020 - 20:45:46.28Open1480C:\malware.exeC:\Windows\System32\version.dll
5/3/2020 - 20:45:46.28Open1480C:\malware.exeC:\Windows\System32\version.dll
5/3/2020 - 20:45:46.28Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:46.28Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:46.28Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:46.75Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
5/3/2020 - 20:45:46.75Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:46.75Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:46.543Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dll
5/3/2020 - 20:45:46.684Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.684Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dll
5/3/2020 - 20:45:46.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:46.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.528Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:47.668Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:47.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:47.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:48.622Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:48.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:48.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.528Open1480C:\malware.exeC:\Windows\Globalization\pt-br.nlp
5/3/2020 - 20:45:49.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:49.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.793Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:50.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:50.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.215Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:51.215Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\bcrypt.dll
5/3/2020 - 20:45:51.356Open1480C:\malware.exeC:\bcrypt.dll
5/3/2020 - 20:45:51.356Open1480C:\malware.exeC:\Windows\System32\bcrypt.dll
5/3/2020 - 20:45:51.356Open1480C:\malware.exeC:\Windows\System32\bcrypt.dll
5/3/2020 - 20:45:51.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\CRYPTSP.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Open1480C:\malware.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:45:51.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:51.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:52.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:52.715Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:52.762Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:52.809Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dll
5/3/2020 - 20:45:52.981Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:52.981Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dll
5/3/2020 - 20:45:52.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:53.403Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.543Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.543Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:53.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:54.856Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:54.997Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:45:54.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.28Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:56.122Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:45:56.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:56.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:56.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:57.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:57.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:57.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:57.153Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:57.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:57.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:57.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:57.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:58.840Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:45:58.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:58.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:45:59.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:45:59.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:45:59.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:45:59.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:0.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:0.809Unknown1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:46:0.809Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
5/3/2020 - 20:46:0.950Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
5/3/2020 - 20:46:1.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:1.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:2.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:2.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.340Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ntdll.dll
5/3/2020 - 20:46:3.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:3.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:3.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.653Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:46:4.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:4.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:4.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:4.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.403Open1480C:\malware.exeC:\Windows\Globalization\en-us.nlp
5/3/2020 - 20:46:5.403Open1480C:\malware.exeC:\malware.config
5/3/2020 - 20:46:5.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:5.637Open1480C:\malware.exeC:\Windows\assembly\GAC_64\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
5/3/2020 - 20:46:5.637Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
5/3/2020 - 20:46:5.684Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
5/3/2020 - 20:46:5.684Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.731Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.731Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.731Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.778Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.825Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.872Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.918Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
5/3/2020 - 20:46:5.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a
5/3/2020 - 20:46:5.965Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pt-BR_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dllMicrosoft.VisualBasic.resources.dll
5/3/2020 - 20:46:5.965Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dllMicrosoft.VisualBasic.dll
5/3/2020 - 20:46:6.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:6.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:6.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:6.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:6.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:7.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:7.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:7.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:7.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:7.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:7.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:7.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:7.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:8.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:9.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:9.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:9.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:9.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:9.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:9.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:9.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:10.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:10.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\b13e5b1d6011e11c508cc63abebad05c\System.Drawing.ni.dllSystem.Drawing.ni.dll
5/3/2020 - 20:46:10.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:10.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:11.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:11.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:11.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:11.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:11.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:11.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:11.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:11.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.793Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:12.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:12.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:13.309Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dll
5/3/2020 - 20:46:13.403Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.403Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dll
5/3/2020 - 20:46:13.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.731Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:46:13.825Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:46:13.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:13.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:14.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:14.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:14.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:14.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:14.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.934Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:14.981Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:15.356Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dll
5/3/2020 - 20:46:15.450Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.450Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dll
5/3/2020 - 20:46:15.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.543Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:15.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.12Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:46:16.59Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089
5/3/2020 - 20:46:16.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.200Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:16.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:16.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:16.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:16.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:16.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:16.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:16.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:16.950Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:46:16.950Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:16.950Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:46:16.950Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:16.950Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
5/3/2020 - 20:46:16.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:16.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.418Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.465Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:17.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:17.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:17.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:17.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:17.793Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:17.840Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:17.887Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:18.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:18.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.configmachine.config
5/3/2020 - 20:46:18.122Open1480C:\malware.exeC:\malware.config
5/3/2020 - 20:46:18.122Open1480C:\malware.exeC:\malware.config
5/3/2020 - 20:46:18.122Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.168Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\29259da8265e0e428d9682df679f81d2\System.Xml.ni.dllSystem.Xml.ni.dll
5/3/2020 - 20:46:18.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:18.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:18.356Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.450Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:18.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\6c4229c7fc3ae5af06273718d7a5b935\System.Configuration.ni.dllSystem.Configuration.ni.dll
5/3/2020 - 20:46:18.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:18.590Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.637Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.778Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.825Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.872Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.918Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:18.965Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.12Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.106Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\rasapi32.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\rasapi32.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rasapi32.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rasapi32.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\rasman.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rasman.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rasman.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\rtutils.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rtutils.dll
5/3/2020 - 20:46:19.153Open1480C:\malware.exeC:\Windows\System32\rtutils.dll
5/3/2020 - 20:46:19.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.200Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\ws2_32.dll
5/3/2020 - 20:46:19.200Open1480C:\malware.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:19.247Open1480C:\malware.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:19.247Open1480C:\malware.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:19.247Open1480C:\malware.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:19.247Open1480C:\malware.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:19.247Open1480C:\malware.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:19.247Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.340Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.434Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.575Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.622Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.668Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.762Open1480C:\malware.exeC:\Windows\System32\tzres.dll
5/3/2020 - 20:46:19.762Open1480C:\malware.exeC:\Windows\System32\tzres.dll
5/3/2020 - 20:46:19.762Open1480C:\malware.exeC:\Windows\System32\tzres.dll
5/3/2020 - 20:46:19.762Open1480C:\malware.exeC:\Windows\System32\tzres.dll
5/3/2020 - 20:46:19.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:19.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.903Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.950Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:19.997Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.90Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.184Open1480C:\malware.exeC:\Windows\System32\pt-BR\KernelBase.dll.mui
5/3/2020 - 20:46:20.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.278Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:20.278Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:20.278Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:20.278Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
5/3/2020 - 20:46:20.278Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:20.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:20.293Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
5/3/2020 - 20:46:20.293Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
5/3/2020 - 20:46:20.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll
5/3/2020 - 20:46:20.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.293Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.309Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\winhttp.dll
5/3/2020 - 20:46:20.309Open1480C:\malware.exeC:\winhttp.dll
5/3/2020 - 20:46:20.309Open1480C:\malware.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:20.309Open1480C:\malware.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\webio.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\SspiCli.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\credssp.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\credssp.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\credssp.dll
5/3/2020 - 20:46:20.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.325Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\IPHLPAPI.DLL
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\WINNSI.DLL
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:20.325Open1480C:\malware.exeC:\dhcpcsvc6.DLL
5/3/2020 - 20:46:20.340Open1480C:\malware.exeC:\Windows\System32\dhcpcsvc6.dll
5/3/2020 - 20:46:20.340Unknown1480C:\malware.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:20.340Open1480C:\malware.exeC:\Windows\System32\dhcpcsvc6.dll
5/3/2020 - 20:46:20.340Unknown1480C:\malware.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:20.387Open1480C:\malware.exeC:\dhcpcsvc.DLL
5/3/2020 - 20:46:20.387Open1480C:\malware.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:20.387Open1480C:\malware.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.528Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.668Open1480C:\malware.exeC:\RpcRtRemote.dll
5/3/2020 - 20:46:20.668Open1480C:\malware.exeC:\Windows\System32\RpcRtRemote.dll
5/3/2020 - 20:46:20.668Unknown1480C:\malware.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:20.668Open1480C:\malware.exeC:\Windows\System32\RpcRtRemote.dll
5/3/2020 - 20:46:20.668Unknown1480C:\malware.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:20.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.715Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\iphlpapi.dll
5/3/2020 - 20:46:20.715Open1480C:\malware.exeC:\DNSAPI.dll
5/3/2020 - 20:46:20.715Open1480C:\malware.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:20.715Open1480C:\malware.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:20.762Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:20.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.809Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.856Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:20.903Open1480C:\malware.exeC:\rasadhlp.dll
5/3/2020 - 20:46:20.903Open1480C:\malware.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:20.903Open1480C:\malware.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:20.950Open1480C:\malware.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:20.950Open1480C:\malware.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:21.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.215Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:21.372Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.684Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.700Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\psapi.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dllmscorlib.resources.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.700Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\security.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\security.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\security.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\security.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\SECUR32.DLL
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:22.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\schannel.dll
5/3/2020 - 20:46:22.731Open1480C:\malware.exeC:\Windows\System32\schannel.dll
5/3/2020 - 20:46:22.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.731Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:22.747Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\ncrypt.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\Windows\System32\ncrypt.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\Windows\System32\ncrypt.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\Windows\System32\bcryptprimitives.dll
5/3/2020 - 20:46:23.28Unknown1480C:\malware.exeC:\Windows\System32\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\Windows\System32\bcryptprimitives.dll
5/3/2020 - 20:46:23.28Unknown1480C:\malware.exeC:\Windows\System32\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:23.28Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\crypt32.dll
5/3/2020 - 20:46:23.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:23.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:23.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:23.43Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CRYPT32.dll
5/3/2020 - 20:46:23.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:23.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:23.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:23.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:23.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:23.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:23.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:23.59Open1480C:\malware.exeC:\GPAPI.dll
5/3/2020 - 20:46:23.59Open1480C:\malware.exeC:\Windows\System32\gpapi.dll
5/3/2020 - 20:46:23.59Open1480C:\malware.exeC:\Windows\System32\gpapi.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\p2pcollab.dll
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Windows\System32\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\p2pcollab.dll
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Windows\System32\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\QAGENTRT.DLL
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\QAGENTRT.DLL
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\fveui.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\fveui.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\fveui.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\fveui.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\wuaueng.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\wuaueng.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\cryptnet.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\cryptnet.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Windows\System32\cryptnet.dll
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:23.137Open1480C:\malware.exeC:\SensApi.dll
5/3/2020 - 20:46:23.153Open1480C:\malware.exeC:\Windows\System32\SensApi.dll
5/3/2020 - 20:46:23.153Open1480C:\malware.exeC:\Windows\System32\SensApi.dll
5/3/2020 - 20:46:23.387Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.387Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:23.387Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:24.950Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:24.950Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:24.950Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:24.950Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:24.950Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:24.950Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:24.950Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:24.950Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:24.950Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:24.981Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:24.981Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:24.981Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:24.981Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:24.981Open1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Write1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416070E0202839D9D67350CD2613E78E416
5/3/2020 - 20:46:25.262Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:25.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.465Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.465Open1480C:\malware.exeC:\Windows\assembly\GAC_64\System.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:25.465Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:25.465Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:25.465Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll
5/3/2020 - 20:46:25.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:25.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089
5/3/2020 - 20:46:25.481Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll
5/3/2020 - 20:46:25.481Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll
5/3/2020 - 20:46:25.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dll
5/3/2020 - 20:46:25.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pt-BR_b77a5c561934e089\system.resources.dllsystem.resources.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.481Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.497Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:25.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.497Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:25.497Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.809Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:25.809Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:25.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.122Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:26.122Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.418Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.418Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:26.418Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.418Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.418Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.715Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:26.715Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:26.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.12Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:27.12Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.12Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.309Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:27.309Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.606Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:27.606Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.903Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:27.903Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:27.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.200Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:28.200Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.512Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:28.512Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.809Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:28.809Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:28.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.106Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:29.106Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.403Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:29.403Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.403Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.715Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:29.715Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:29.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:30.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:30.12Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
5/3/2020 - 20:46:30.12Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:30.12Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\a1
5/3/2020 - 20:46:30.12Open1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:30.12Unknown1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:30.12Open1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:30.12Unknown1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:30.43Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.59Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dll
5/3/2020 - 20:46:30.59Unknown1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Open1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:46:30.59Unknown1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.59Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.75Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.137Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.184Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbem\wmiutils.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbem\wmiutils.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbem\wbemcomn.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbemcomn.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbemcomn.dll
5/3/2020 - 20:46:30.184Open1480C:\malware.exeC:\Windows\System32\wbem\Logs
5/3/2020 - 20:46:30.184Unknown1480C:\malware.exeC:\Windows\System32\wbem\Logs
5/3/2020 - 20:46:30.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.278Open1480C:\malware.exeC:\Windows\System32\wbem\wbemprox.dll
5/3/2020 - 20:46:30.278Open1480C:\malware.exeC:\Windows\System32\wbem\wbemprox.dll
5/3/2020 - 20:46:30.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.325Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
5/3/2020 - 20:46:30.372Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.372Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
5/3/2020 - 20:46:30.372Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.418Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.465Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.512Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
5/3/2020 - 20:46:30.512Unknown1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.512Open1480C:\malware.exeC:\malware.exe.Local
5/3/2020 - 20:46:30.512Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:30.512Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:30.512Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:30.512Read1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dllWMINet_Utils.dll
5/3/2020 - 20:46:30.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.512Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:30.653Open1480C:\malware.exeC:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\oleaut32.dll
5/3/2020 - 20:46:30.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:30.981Open1480C:\malware.exeC:\Windows\System32\wbem\wbemsvc.dll
5/3/2020 - 20:46:30.981Open1480C:\malware.exeC:\Windows\System32\wbem\wbemsvc.dll
5/3/2020 - 20:46:31.28Open1480C:\malware.exeC:\Windows\System32\wbem\fastprox.dll
5/3/2020 - 20:46:31.28Open1480C:\malware.exeC:\Windows\System32\wbem\fastprox.dll
5/3/2020 - 20:46:31.28Open1480C:\malware.exeC:\Windows\System32\wbem\NTDSAPI.dll
5/3/2020 - 20:46:31.28Open1480C:\malware.exeC:\Windows\System32\ntdsapi.dll
5/3/2020 - 20:46:31.28Open1480C:\malware.exeC:\Windows\System32\ntdsapi.dll
5/3/2020 - 20:46:31.28Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dllmscorlib.ni.dll
5/3/2020 - 20:46:32.606Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:32.715Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\423a86328b4997e022986fc2450b9971\System.Management.ni.dllSystem.Management.ni.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\OLEAUT32.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\shell32.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Monitor
5/3/2020 - 20:46:33.465Unknown1480C:\malware.exeC:\Monitor
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\PROPSYS.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\System32\shell32.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\malware.exe.Local
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.465Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.465Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.465Open1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.465Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:33.481Unknown1480C:\malware.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:33.481Read1480C:\malware.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\System32\urlmon.dll
5/3/2020 - 20:46:33.481Open1480C:\malware.exeC:\Windows\System32\urlmon.dll
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:33.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.497Unknown1480C:\malware.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.497Unknown1480C:\malware.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:33.497Unknown1480C:\malware.exeC:\Program Files
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe:Zone.Identifier
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Monitor
5/3/2020 - 20:46:33.497Unknown1480C:\malware.exeC:\Monitor
5/3/2020 - 20:46:33.497Open1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.559Open1480C:\malware.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:33.559Open1480C:\malware.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:33.559Unknown1480C:\malware.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.559Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
5/3/2020 - 20:46:33.606Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pfIEXPLORE.EXE-908C99F8.pf
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dll
5/3/2020 - 20:46:33.606Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
5/3/2020 - 20:46:33.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
5/3/2020 - 20:46:33.622Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
5/3/2020 - 20:46:33.622Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RECOVERYSTORE.{6C9E6232-4F1A-11E8-8B8A-525400842A13}.DAT
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF31E8A27AA33A1DCA.TMP
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{6C9E6234-4F1A-11E8-8B8A-525400842A13}.DAT
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF96115008492A9D98.TMP
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:33.637Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
5/3/2020 - 20:46:33.637Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
5/3/2020 - 20:46:33.653Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
5/3/2020 - 20:46:33.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\comdlg32.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:33.715Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:33.715Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db{D26FB7DB-64FE-4194-9875-380C6181B1A4}.2.ver0x0000000000000001.db
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\KernelBase.dllKernelBase.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\gdi32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\lpk.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\usp10.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msvcrt.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\advapi32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcrt4.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shlwapi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\iertutil.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\normaliz.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msctf.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ole32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaut32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\urlmon.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wininet.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\userenv.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\profapi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ws2_32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nsi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\clbcatq.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\crypt32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msasn1.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\setupapi.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cfgmgr32.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\devobj.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sechost.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.731Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\version.DLL
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
5/3/2020 - 20:46:33.731Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\version.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\imm32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTBASE.DLL
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dll
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEFRAME.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieframe.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
5/3/2020 - 20:46:33.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:33.762Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rpcss.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:46:33.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\uxtheme.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dwmapi.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dwmapi.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
5/3/2020 - 20:46:33.840Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\Secur32.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\secur32.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\SSPICLI.DLL
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\sspicli.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:33.840Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.840Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.840Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.856Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winhttp.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\webio.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.903Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.903Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.903Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mswsock.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wship6.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IPHLPAPI.DLL
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\IPHLPAPI.DLL
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\WINNSI.DLL
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:33.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\winnsi.dll
5/3/2020 - 20:46:34.12Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
5/3/2020 - 20:46:34.12Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netprofm.dll
5/3/2020 - 20:46:34.12Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
5/3/2020 - 20:46:34.12Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\nlaapi.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\CRYPTSP.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\cryptsp.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rsaenh.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\RpcRtRemote.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
5/3/2020 - 20:46:34.153Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:34.153Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dll
5/3/2020 - 20:46:34.153Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:34.231Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\npmproxy.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\suspend.dll
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
5/3/2020 - 20:46:34.278Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin
5/3/2020 - 20:46:34.278Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.binurlblocklist.bin
5/3/2020 - 20:46:34.278Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Monitor
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Adobe\Flash Player\NativeCache
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Tracking Protection
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.293Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Feeds
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\TabRoaming
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\PlayReady
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\DNTException\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\Low
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:34.325Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
5/3/2020 - 20:46:34.325Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WSHTCPIP.DLL
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\DNSAPI.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dnsapi.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\rasadhlp.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\rasadhlp.dll
5/3/2020 - 20:46:34.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:34.387Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\NETAPI32.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netapi32.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\netutils.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
5/3/2020 - 20:46:34.387Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\netutils.dll
5/3/2020 - 20:46:34.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\srvcli.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\srvcli.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\wkscli.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\wkscli.dll
5/3/2020 - 20:46:34.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\IEUI.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
5/3/2020 - 20:46:34.403Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ieui.dll
5/3/2020 - 20:46:34.403Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System\9b0f837c5a73d17be9743868915d6115\System.ni.dllSystem.ni.dll
5/3/2020 - 20:46:34.465Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:34.465Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:34.528Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.528Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.528Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.528Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.528Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.575Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:34.575Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\FWPUCLNT.DLL
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
5/3/2020 - 20:46:34.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\shell32.dll
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exe.Local
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:34.668Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\apphelp.dll
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:34.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\apphelp.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
5/3/2020 - 20:46:34.684Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dll
5/3/2020 - 20:46:34.684Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleacc.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\OLEACCRC.DLL
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
5/3/2020 - 20:46:34.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\oleaccrc.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
5/3/2020 - 20:46:34.700Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dll
5/3/2020 - 20:46:34.700Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\ExplorerFrame.dllExplorerFrame.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\duser.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dui70.dll
5/3/2020 - 20:46:34.700Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
5/3/2020 - 20:46:34.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MSIMG32.dll
5/3/2020 - 20:46:34.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
5/3/2020 - 20:46:34.715Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\msimg32.dll
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.778Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.778Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.778Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\PROPSYS.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:34.778Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mssprxy.dll
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\en\IEXPLORE.EXE.mui
5/3/2020 - 20:46:34.950Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:34.950Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
5/3/2020 - 20:46:35.12Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pfIEXPLORE.EXE-4B6C9213.pf
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\$EXTEND
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
5/3/2020 - 20:46:35.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot
5/3/2020 - 20:46:35.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
5/3/2020 - 20:46:35.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:35.43Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:35.43Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\BCFED8GC.TXT
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I6P0K07S.TXT
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\PT-BR[1].HTM
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gif
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].png
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpg
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpg
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpg
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].png
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].png
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].css
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woff
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.mui
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.122Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.122Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].png
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\Z075FCUF.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\209I53WF.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\KKO6BXU4.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\W15N7ZSW.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IX7DPVU.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dll
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VMNAML7Z.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].png
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].png
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpg
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].png
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htm
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].js
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\SILENTPASSPORT[1].HTM
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FZP5WLKE.TXT
5/3/2020 - 20:46:35.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dll
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].png
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htm
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].js
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ASYNC_USERSYNC[1].JS
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\VP5UL7J7.TXT
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\9LD3P0Y8.TXT
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.153Read1480C:\malware.exeC:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\76e0e33fc1c3f1da85d42fc68c13638a\System.Windows.Forms.ni.dllSystem.Windows.Forms.ni.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\X0AL0GS5.TXT
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\6SGKN470.TXT
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[2].XML
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[3].XML
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\QSML[6].XML
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\TOEJ0U6L.TXT
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.db
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\VCREDIST_X86[1].EXE
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\2RMLHNN7.TXT
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\V1[1].HTM
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].css
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].png
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].js
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpg
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].js
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js
5/3/2020 - 20:46:35.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].js
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xml
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0A8EFV2Z.TXT
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\5DWWY1IU.TXT
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0RSIIBM3.TXT
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\MYD0W1QU.TXT
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eot
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eot
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eot
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].png
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].png
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].png
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].png
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].png
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\LIKE[1].HTM
5/3/2020 - 20:46:35.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].js
5/3/2020 - 20:46:35.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAnimation.dllUIAnimation.dll
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ro-RO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~th-TH~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~nl-NL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~sl-SI~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~et-EE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecsExt.dllWindowsCodecsExt.dll
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6.dll
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hi-IN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~he-IL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~el-GR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~uk-UA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hr-HR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-CN~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~lt-LT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-HK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~cs-CZ~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~zh-TW~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sk-SK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~da-DK~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ja-JP~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-BR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-Graphics-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~lv-LV~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~ar-SA~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~pt-PT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~sv-SE~7.1.7601.16492.cat
5/3/2020 - 20:46:35.247Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~ru-RU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~hu-HU~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~it-IT~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~tr-TR~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-Windows-WinIP-Package~31bf3856ad364e35~amd64~pl-PL~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.catWin8IP-Microsoft-Windows-DownlevelApisets-WinIP-Package~31bf3856ad364e35~amd64~nb-NO~7.1.7601.16492.cat
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\UIAutomationCore.dllUIAutomationCore.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\psapi.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wpc.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wevtapi.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samcli.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\samlib.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netutils.dll
5/3/2020 - 20:46:35.262Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\locale.nls
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8CS2PRM4.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E046BADA8974A10C4BD62CC921D13E43B18_BEB37ABADF39714871232B4792417E04
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B50D6B15D9F2DCE1EDBB0C098625FBE47_281AC807DE0FEF15F2CA9911FE760A9B
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaccrc.dll
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kvzy[1].pngBB1kvzy[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAwBbg7[1].jpgAAwBbg7[1].jpg
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAv4RrG[1].jpgAAv4RrG[1].jpg
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\AAwGL0I[1].jpgAAwGL0I[1].jpg
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MIiC[1].pngBB8MIiC[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\b8-2f3a4c-4b5f58d3[1].cssb8-2f3a4c-4b5f58d3[1].css
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat~FontCache-System.dat
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\41-e73167-68ddb2ab[1].js41-e73167-68ddb2ab[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat~FontCache-FontFace.dat
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat~FontCache-S-1-5-21-2148495166-3420019059-1286093062-1001.dat
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\c64c2a[1].woffc64c2a[1].woff
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.muijscript9.dll.mui
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S4OWK0RR.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\OLU3XFVE.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B45457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C775080DC7A65DB6A5960ECD874088F3328_2908F682DFC81A793BD240CF29711C77
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B024823B39FBEACCDB5C06426A8168E99_D14B1CE36D9D0F93A634A5E9E22B442B
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\990861[1].svg990861[1].svg
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\M4DVBFFQ.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA2JbD3[1].pngAA2JbD3[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\S5MKAZSW.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\0SX9NXYL.txt
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\desktop.ini
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\desktop.ini
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\ast[1].jsast[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\24-3b1d5e-68ddb2ab[1].js24-3b1d5e-68ddb2ab[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\chartbeat[1].jschartbeat[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\AA3jsXa[1].pngAA3jsXa[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BBqgb7K[1].pngBBqgb7K[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAwGgve[1].jpgAAwGgve[1].jpg
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\AAgPBML[1].pngAAgPBML[1].png
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\MSNIdSync[1].jsMSNIdSync[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\br_msn_home_vitrine[1].jsbr_msn_home_vitrine[1].js
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.278Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD67423F88C7F265F0DEFC08EA88C3BDE45_D975BBA8033175C8D112023D8A7A8AD6
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0EA9E4F776657345B52012CE8E279D314C_9E5F079A21E9B5A16B5D6449033D0D0E
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5ABEDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\br_msn_home_vitrine.cfg[1].jsbr_msn_home_vitrine.cfg[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\aep-formats-20.14.0.min[1].jsaep-formats-20.14.0.min[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\59c177f5d970c300041220e2.tpl.min[1].js59c177f5d970c300041220e2.tpl.min[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\TaboolaCookieSyncScript[1].jsTaboolaCookieSyncScript[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE46BADA8974A10C4BD62CC921D13E43B18_88614FFAD35D353421B8A7E1FE18FCE4
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\59c177f5d970c300041220e2[1].css59c177f5d970c300041220e2[1].css
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F6BADA8974A10C4BD62CC921D13E43B18_C9FB72B5AE80778A08024D8B0FDECC6F
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\58b810[1].gif58b810[1].gif
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42F12703B35B1F82C21160A92376087C84_D65FD79591497596ED270B90105A4D42
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\msn[1].htmmsn[1].htm
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\publishertag[1].jspublishertag[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\c08e43[1].jpgc08e43[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msxml6r.dll
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\865070[1].jpg865070[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8bd8bf[1].jpg8bd8bf[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\8adb60[1].jpg8adb60[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\undefined[1].pngundefined[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784660[1].jpg784660[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\784659[1].jpg784659[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784663[1].jpg784663[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\784658[1].jpg784658[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\async_usersync[1].htmasync_usersync[1].htm
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\beacon[1].jsbeacon[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\19O5P9C0.txt
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\8IS70EJY.txt
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1B398B80134F72209547439DB21AB308D_D93C575AD9E9AF9B95268A3CB953B5A1
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA41099915FBCE5ECE56452A09FB65EDE2FAD2_80F9A36DBD5FAAA38A8DED2B49FA4109
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\GRO8Z4YG.txt
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\D3LNK60R.txt
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.tlb
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\C_20127.NLS
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\cversions.2.dbcversions.2.db
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000011.db
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\ProgramData\Microsoft\Windows\Caches\{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\vcredist_x64.exe
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\vcredist_x86.exe
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\style[1].cssstyle[1].css
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\bing-search-logo[1].pngbing-search-logo[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png4300ae64-546c-4bbe-9026-6779b3684fb8_32[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[1].jsscript[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\click-run_pt-br[1].jpgclick-run_pt-br[1].jpg
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\script[2].jsscript[2].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24BB398B80134F72209547439DB21AB308D_592839A8569F831D0F2306AE4BB5C24B
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\1715500327[1].js1715500327[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA734753452036BADA8974A10C4BD62CC921D13E43B18_D9817BD5013875AD517DA73475345203
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\jquery-1.8.3.min[1].jsjquery-1.8.3.min[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\SM4GL60W\www.microsoft[1].xmlwww.microsoft[1].xml
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[1].eotlatest[1].eot
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\latest[2].eotlatest[2].eot
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\seguisb.ttf
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\latest[1].eotlatest[1].eot
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\search_icon[1].pngsearch_icon[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\micross.ttf
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\ie[1].pngie[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\yellow-arrow[1].pngyellow-arrow[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\Bing[1].pngBing[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\windowsupdate[1].pngwindowsupdate[1].png
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B35DDEDF268117918D1D277A171D8DF7B_F2DE72102A14736B534BAAAB62F0BD4B
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\xfLjhe25qYs[1].jsxfLjhe25qYs[1].js
5/3/2020 - 20:46:35.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\ntdll.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\kernel32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\kernel32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\user32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\apisetschema.dllapisetschema.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\KernelBase.dllKernelBase.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msvcrt.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dllapi-ms-win-downlevel-advapi32-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\advapi32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcrt4.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sspicli.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptbase.dllcryptbase.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\iertutil.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dllapi-ms-win-downlevel-version-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dllapi-ms-win-downlevel-user32-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\user32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gdi32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\lpk.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\usp10.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dllapi-ms-win-downlevel-normaliz-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\normaliz.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dllapi-ms-win-downlevel-shlwapi-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shlwapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleaut32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\comdlg32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dllapi-ms-win-downlevel-ole32-l1-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\userenv.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\profapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\urlmon.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ws2_32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nsi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\clbcatq.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\setupapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cfgmgr32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\devobj.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wintrust.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\crypt32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msasn1.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Wldap32.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\oleacc.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winmm.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imgutil.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mfplat.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\avrt.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtmlmedia.dllmshtmlmedia.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mf.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\atl.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ksuser.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\t2embed.dll
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exe\Device\HarddiskVolume2
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64win.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64cpu.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\System32\wow64log.dll
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.387Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows
5/3/2020 - 20:46:35.387Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sechost.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\version.DLL
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\version.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\imm32.dll
5/3/2020 - 20:46:35.403Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\security.config.cch.1480.1115218
5/3/2020 - 20:46:35.403Open1480C:\malware.exeC:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\enterprisesec.config.cch.1480.1115218
5/3/2020 - 20:46:35.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\CLR Security Config\v2.0.50727.312\64bit\security.config.cch.1480.1115312
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nls
5/3/2020 - 20:46:35.418Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.418Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.418Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEFRAME.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:35.418Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
5/3/2020 - 20:46:35.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.434Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:35.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.434Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.434Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
5/3/2020 - 20:46:35.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Monitor
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Windows\System32\pt-BR\KernelBase.dll.muiKernelBase.dll.mui
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6
5/3/2020 - 20:46:35.434Unknown1480C:\malware.exeC:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEShims.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rpcss.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
5/3/2020 - 20:46:35.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\uxtheme.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\Secur32.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\secur32.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:35.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dllapi-ms-win-downlevel-advapi32-l2-1-0.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mswsock.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IPHLPAPI.DLL
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\IPHLPAPI.DLL
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINNSI.DLL
5/3/2020 - 20:46:35.590Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winnsi.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\CRYPTSP.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptsp.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rsaenh.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\RpcRtRemote.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
5/3/2020 - 20:46:35.606Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:35.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dll
5/3/2020 - 20:46:35.606Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\RpcRtRemote.dllRpcRtRemote.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ieproxy.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dllapi-ms-win-downlevel-shlwapi-l2-1-0.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dwmapi.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dwmapi.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:35.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:35.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\sqmapi.dll
5/3/2020 - 20:46:35.762Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.762Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.762Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:35.762Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:35.762Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:35.762Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MSHTML.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d2d1.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d2d1.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DWrite.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
5/3/2020 - 20:46:35.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DWrite.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dxgi.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dxgi.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DXGIDebug.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\DXGIDebug.dll
5/3/2020 - 20:46:35.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:36.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\bcrypt.dll
5/3/2020 - 20:46:36.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
5/3/2020 - 20:46:36.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcrypt.dll
5/3/2020 - 20:46:36.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
5/3/2020 - 20:46:36.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:36.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dll
5/3/2020 - 20:46:36.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\bcryptprimitives.dllbcryptprimitives.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\shell32.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\apphelp.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\apphelp.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\MLANG.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mlang.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\PROPSYS.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History
5/3/2020 - 20:46:36.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
5/3/2020 - 20:46:36.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\History\History.IE5
5/3/2020 - 20:46:36.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\DNSAPI.dll
5/3/2020 - 20:46:36.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:36.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:36.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
5/3/2020 - 20:46:36.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wininet.dll
5/3/2020 - 20:46:36.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc6.DLL
5/3/2020 - 20:46:36.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
5/3/2020 - 20:46:36.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:36.747Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dll
5/3/2020 - 20:46:36.747Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:36.793Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\dhcpcsvc.DLL
5/3/2020 - 20:46:36.793Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:36.793Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\dhcpcsvc.dll
5/3/2020 - 20:46:37.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\TZGFZZAN.txt
5/3/2020 - 20:46:37.200Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\TZGFZZAN.txt
5/3/2020 - 20:46:37.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\3L3U065O.txt
5/3/2020 - 20:46:37.200Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\3L3U065O.txt
5/3/2020 - 20:46:37.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:37.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:37.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\rasadhlp.dll
5/3/2020 - 20:46:37.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
5/3/2020 - 20:46:37.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\rasadhlp.dll
5/3/2020 - 20:46:37.309Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.309Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.309Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.309Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.309Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.309Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.309Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.309Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.309Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SXS.DLL
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\sxs.dll
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\stdole2.tlb
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
5/3/2020 - 20:46:37.403Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\FWPUCLNT.DLL
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WSHTCPIP.DLL
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wship6.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\wshqos.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEUI.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
5/3/2020 - 20:46:37.512Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieui.dll
5/3/2020 - 20:46:37.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\MLANG.dll
5/3/2020 - 20:46:37.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
5/3/2020 - 20:46:37.606Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mlang.dll
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\
5/3/2020 - 20:46:37.653Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
5/3/2020 - 20:46:37.653Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\desktop.ini
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:37.653Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:37.653Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
5/3/2020 - 20:46:37.653Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Favorites\desktop.ini
5/3/2020 - 20:46:37.653Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\desktop.ini
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\propsys.dll
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\propsys.dll
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
5/3/2020 - 20:46:37.668Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
5/3/2020 - 20:46:37.668Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt
5/3/2020 - 20:46:37.668Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.668Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\imagestore\iwbzmlt\imagestore.datimagestore.dat
5/3/2020 - 20:46:37.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\iconcache
5/3/2020 - 20:46:37.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\url.dll
5/3/2020 - 20:46:37.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\Desktop\url.dll
5/3/2020 - 20:46:37.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\url.dll
5/3/2020 - 20:46:37.684Open3032C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\api-ms-win-core-winrt-string-l1-1-0.dll
5/3/2020 - 20:46:37.684Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
5/3/2020 - 20:46:37.684Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ole32.dll
5/3/2020 - 20:46:37.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.747Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\V7QHPZXZ.txt
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF249CDEC64EF5DE5A.TMP~DF249CDEC64EF5DE5A.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.datRecoveryStore.{71DC6F24-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Temp\~DF2068C665F4B06C65.TMP~DF2068C665F4B06C65.TMP
5/3/2020 - 20:46:37.809Read3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Write3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Unknown3032C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat{71DC6F26-4F1B-11E8-8B8A-525400842A13}.dat
5/3/2020 - 20:46:37.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.809Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.809Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\I09XW8FO.txt
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Cookies\FP1HQB77.txt
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:37.825Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htm
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.825Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:37.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\mshtml.dll
5/3/2020 - 20:46:37.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.Manifest
5/3/2020 - 20:46:37.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
5/3/2020 - 20:46:37.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE.Local
5/3/2020 - 20:46:37.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:37.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:37.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
5/3/2020 - 20:46:37.950Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.950Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\pt-br[1].htmpt-br[1].htm
5/3/2020 - 20:46:37.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:37.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:38.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
5/3/2020 - 20:46:38.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\netprofm.dll
5/3/2020 - 20:46:38.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
5/3/2020 - 20:46:38.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\nlaapi.dll
5/3/2020 - 20:46:38.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
5/3/2020 - 20:46:38.153Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\npmproxy.dll
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gif
5/3/2020 - 20:46:38.200Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer
5/3/2020 - 20:46:38.200Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
5/3/2020 - 20:46:38.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
5/3/2020 - 20:46:38.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].png
5/3/2020 - 20:46:38.215Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:38.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.215Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
5/3/2020 - 20:46:38.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msimtf.dll
5/3/2020 - 20:46:38.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:38.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
5/3/2020 - 20:46:38.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:38.293Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dll
5/3/2020 - 20:46:38.293Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\WindowsCodecs.dllWindowsCodecs.dll
5/3/2020 - 20:46:38.293Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\e151e5[1].gife151e5[1].gif
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\d3d11.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d11.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\D3D10Warp.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
5/3/2020 - 20:46:38.309Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
5/3/2020 - 20:46:38.309Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:38.309Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:38.325Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exe
5/3/2020 - 20:46:38.325Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
5/3/2020 - 20:46:38.325Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:38.325Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dll
5/3/2020 - 20:46:38.325Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\d3d10warp.dlld3d10warp.dll
5/3/2020 - 20:46:38.387Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:38.387Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:38.387Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB8MKSg[1].pngBB8MKSg[1].png
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\credssp.dll
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\credssp.dll
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\schannel.dll
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.434Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.450Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.450Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.481Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.481Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.481Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB10JNka[1].png
5/3/2020 - 20:46:38.481Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB10JNka[1].pngBB10JNka[1].png
5/3/2020 - 20:46:38.481Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB10JNka[1].pngBB10JNka[1].png
5/3/2020 - 20:46:38.481Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB10JNka[1].pngBB10JNka[1].png
5/3/2020 - 20:46:38.481Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB10JNka[1].pngBB10JNka[1].png
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\ncrypt.dll
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ncrypt.dll
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.528Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.528Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\GPAPI.dll
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\gpapi.dll
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.543Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.543Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.543Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.606Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.606Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kKVy[1].png
5/3/2020 - 20:46:38.606Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kKVy[1].pngBB1kKVy[1].png
5/3/2020 - 20:46:38.606Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kKVy[1].pngBB1kKVy[1].png
5/3/2020 - 20:46:38.606Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kKVy[1].pngBB1kKVy[1].png
5/3/2020 - 20:46:38.622Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BB1kKVy[1].pngBB1kKVy[1].png
5/3/2020 - 20:46:38.668Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ieframe.dll
5/3/2020 - 20:46:38.668Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.668Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.668Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BBPqViB[1].png
5/3/2020 - 20:46:38.684Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BBPqViB[1].pngBBPqViB[1].png
5/3/2020 - 20:46:38.684Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BBPqViB[1].pngBBPqViB[1].png
5/3/2020 - 20:46:38.684Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BBPqViB[1].pngBBPqViB[1].png
5/3/2020 - 20:46:38.684Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\BBPqViB[1].pngBBPqViB[1].png
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.700Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAK75JY[1].png
5/3/2020 - 20:46:38.700Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAK75JY[1].pngAAK75JY[1].png
5/3/2020 - 20:46:38.700Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAK75JY[1].pngAAK75JY[1].png
5/3/2020 - 20:46:38.700Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAK75JY[1].pngAAK75JY[1].png
5/3/2020 - 20:46:38.700Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\AAK75JY[1].pngAAK75JY[1].png
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.700Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.700Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.700Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.700Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.715Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.715Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
5/3/2020 - 20:46:38.731Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:38.731Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dll
5/3/2020 - 20:46:38.731Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\p2pcollab.dllp2pcollab.dll
5/3/2020 - 20:46:38.731Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\qagentrt.dll
5/3/2020 - 20:46:38.731Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:38.731Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dnsapi.dll
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\cryptnet.dll
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\cryptnet.dll
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.747Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.747Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_167DB4E3AB356C5B50FAA8944D554776
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0270780F846F08BEFE0DD8112D932FEF
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\SensApi.dll
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\SensApi.dll
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs
5/3/2020 - 20:46:38.762Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.762Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs
5/3/2020 - 20:46:38.778Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Roaming\Microsoft\SystemCertificates\My
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10MmoD[1].jpg
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10MmoD[1].jpgBB10MmoD[1].jpg
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10MmoD[1].jpgBB10MmoD[1].jpg
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10MmoD[1].jpgBB10MmoD[1].jpg
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.840Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10NO6p[1].jpg
5/3/2020 - 20:46:38.840Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10NO6p[1].jpgBB10NO6p[1].jpg
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10NO6p[1].jpgBB10NO6p[1].jpg
5/3/2020 - 20:46:38.840Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\BB10NO6p[1].jpgBB10NO6p[1].jpg
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_167DB4E3AB356C5B50FAA8944D554776
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.856Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0270780F846F08BEFE0DD8112D932FEF
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_5FA8E5E800867BF860DF5E533E701BAF
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\85B3F147E3624A14E6A20DB4F6C2C5D9
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:38.872Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.872Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.918Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\WINHTTP.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\winhttp.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\webio.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\webio.dll
5/3/2020 - 20:46:38.918Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\KernelBase.dll.mui
5/3/2020 - 20:46:38.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:38.981Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:39.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:39.12Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\80-ccfbc0-185735b[1].css80-ccfbc0-185735b[1].css
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
5/3/2020 - 20:46:39.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
5/3/2020 - 20:46:39.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xml
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\XmlLite.dll
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\xmllite.dll
5/3/2020 - 20:46:39.28Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Internet Explorer\DOMStore\O7SUU5RP\www.msn[1].xmlwww.msn[1].xml
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].js
5/3/2020 - 20:46:39.28Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
5/3/2020 - 20:46:39.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\adswrappermsni[1].jsadswrappermsni[1].js
5/3/2020 - 20:46:39.28Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].js
5/3/2020 - 20:46:39.28Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
5/3/2020 - 20:46:39.28Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\jquery-2.1.1.min[1].jsjquery-2.1.1.min[1].js
5/3/2020 - 20:46:39.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\times.ttf
5/3/2020 - 20:46:39.59Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\segoeui.ttf
5/3/2020 - 20:46:39.75Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc6.DLL
5/3/2020 - 20:46:39.75Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
5/3/2020 - 20:46:39.75Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:39.75Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dll
5/3/2020 - 20:46:39.75Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc6.dlldhcpcsvc6.dll
5/3/2020 - 20:46:39.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:39.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:39.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\BBMa8i6[1].jpg
5/3/2020 - 20:46:39.137Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\BBMa8i6[1].jpgBBMa8i6[1].jpg
5/3/2020 - 20:46:39.137Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\BBMa8i6[1].jpgBBMa8i6[1].jpg
5/3/2020 - 20:46:39.137Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\BBMa8i6[1].jpgBBMa8i6[1].jpg
5/3/2020 - 20:46:39.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\dhcpcsvc.DLL
5/3/2020 - 20:46:39.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
5/3/2020 - 20:46:39.137Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\dhcpcsvc.dll
5/3/2020 - 20:46:39.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:39.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\pt-BR\jscript9.dll.mui
5/3/2020 - 20:46:39.215Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll
5/3/2020 - 20:46:39.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:39.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:39.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:39.262Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\msctf.dll
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.278Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_5FA8E5E800867BF860DF5E533E701BAF
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.372Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\85B3F147E3624A14E6A20DB4F6C2C5D9
5/3/2020 - 20:46:39.481Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.481Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.481Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.481Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.481Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:39.481Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:39.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\arial.ttf
5/3/2020 - 20:46:39.543Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\arial.ttf
5/3/2020 - 20:46:39.559Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
5/3/2020 - 20:46:39.559Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2
5/3/2020 - 20:46:39.559Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\BB8MkhA[1].png
5/3/2020 - 20:46:39.668Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\BB8MkhA[1].pngBB8MkhA[1].png
5/3/2020 - 20:46:39.668Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\BB8MkhA[1].pngBB8MkhA[1].png
5/3/2020 - 20:46:39.668Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\BB8MkhA[1].pngBB8MkhA[1].png
5/3/2020 - 20:46:39.668Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCRTXD2\BB8MkhA[1].pngBB8MkhA[1].png
5/3/2020 - 20:46:39.793Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:39.793Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH
5/3/2020 - 20:46:39.793Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\a8a064[1].gif
5/3/2020 - 20:46:39.793Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\a8a064[1].gifa8a064[1].gif
5/3/2020 - 20:46:39.793Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\a8a064[1].gifa8a064[1].gif
5/3/2020 - 20:46:39.793Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJ54RMQH\a8a064[1].gifa8a064[1].gif
5/3/2020 - 20:46:39.825Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.dat
5/3/2020 - 20:46:39.825Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\StaticCache.datStaticCache.dat
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff
5/3/2020 - 20:46:39.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:39.965Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.965Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:39.981Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:39.997Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\arialbd.ttf
5/3/2020 - 20:46:39.997Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\Fonts\arialbd.ttf
5/3/2020 - 20:46:40.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\POWRPROF.DLL
5/3/2020 - 20:46:40.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
5/3/2020 - 20:46:40.12Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\powrprof.dll
5/3/2020 - 20:46:40.75Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\api-ms-win-core-winrt-l1-1-0.dll
5/3/2020 - 20:46:40.75Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:40.75Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:40.106Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:40.106Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:40.106Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:40.106Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\tzres.dll
5/3/2020 - 20:46:40.153Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:40.200Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6STR8JF\85-0f8009-68ddb2ab[1].js85-0f8009-68ddb2ab[1].js
5/3/2020 - 20:46:40.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff
5/3/2020 - 20:46:40.231Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:40.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:40.231Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff
5/3/2020 - 20:46:40.231Read548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:40.231Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHQ10TF8\4996b9[1].woff4996b9[1].woff
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288BCFE86DBBE02D859DC92F1E17E0574EE8_46766FC45507C0B9E264E4C18BC7288B
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Write548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619EDC238BFF48A31D55A97E1E93892934B_C31B2498754E340573F1336DE607D619
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow
5/3/2020 - 20:46:40.247Open548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/2020 - 20:46:40.247Unknown548C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Users\Behemot\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData
5/3/20