Report #9846 check_circle

  • Creation Date: May 4, 2020, 11:46 a.m.
  • Last Update: May 4, 2020, 11:50 a.m.
  • File: doc2.exe
  • Results:
Binary
DLL
False cancel
Size
2.07MB
trid
64.5% Win32 Executable MS Visual C++
13.6% Win32 Dynamic Link Library
9.3% Win32 Executable
4.1% OS/2 Executable
4.1% Generic Win/DOS Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
8441682e667205ae7caa39845078c36d
sha1
5ef079a079754ef4c710c73a144b7e3ce949fe85
crc32
0x9e2d6245
sha224
fa5de08a678a39eb0def2d8c0396a711aab317aae7627c6381946361
sha256
6e3117cdf202705e171b20a5e87e3c64e2a2ff5607caf155e39be045d930fdd9
sha384
ccb37083fe3525b283c0358a7cc6f29e67e520b51c12ceb856eb98a8219c72d88a1b3406cd15b4f2410e804b629eae3d
sha512
06ad8ae4bf75e8fc3b4e6ae73afbd583b6ac5d6ed67a55d33b2f20e5ae16eaf4835e94c8786295c88f62744245a3b2e3e7803068679ba5649aaebad9a8fd2a7c
ssdeep
49152:4YLQAWvG6gfUpOCxVAOUuf99W8i69sIecflWtZk/lIfM37NzVjN:4YLQPG6fkCxuOUma66HcaaSyTp
Community
Google
False cancel
HashLib
False cancel
YARA
Matches
domain, contentis_base64, screenshot, url, IsWindowsGUI, win_files_operation, win_registry, IsPacked, HasOverlay, CRC32_poly_Constant, win_token, IsPE32, escalate_priv, HasRichSignature, IP

Suspicious
True check_circle

Strings
List
http://nsis.sf.net/NSIS_Error
BP.hn
y.Tn
mA.Sk
B.NE
s.DO
o.tg
5.SN
i.la
%s%S.dll
D.cW
5.WS
L.ph
BF.Gy
8.mE
2.gi
7.sd
i.bn
F7.fm
fZ.kR
q.gS
Q.KH
Gz.Cd
f.Mx
fJC0.sm
L/b.CEo
e.dz
6w.Bn{T
COMCTL32.dll
>[%2]
2TPbU-D
~823
&op3A
1aN.h
EEfD{1
T+*iC
e=D,E
TSR|M-#
Z%h@t^eRc
(~~]
@e'd
Om/LT
,NfBI
=whgS
c&opH
fD+NHt7
>&wl6%a
RdL4
1acR
"r%1a)
_(%E1
~>)oR@%a
Py0 as
\)mrWKY%aP
np%7u5Wr
F%n4I
%iIA5
a`_%nAI
}*%%}&
i,%su
LR%E'
m%-oS:
Ls%#e
verifying installer: %d%%
`h%sGww
SWfD
RdbI
nmdFh
Software\Microsoft\Windows\CurrentVersion
a%upMR
aS%AKe
U%naSx
H^ %o
installer's author to obtain a new copy.
unpacking data: %d%%
%n of
Installer integrity check has failed. Common causes include
Control Panel\Desktop\ResourceLocale
.DEFAULT\Control Panel\International
[Rename]
SeShutdownPrivilege
`O.je
xVJ.dod
A.zup}
GetProcAddress
ExitProcess
NullsoftInst6w
3g.lC|
SShG
GetDiskFreeSpaceW
OpenProcessToken
CreateProcessW
ShellExecuteExW
CoCreateInstance
0dE8
e0F4c
3bE3d
OleInitialize
MoveFileExW
RegDeleteKeyExW

Foremost
Matches
0.exe, 40 KB
Suspicious
True check_circle
Heuristics
IPs
hasIPs: False cancel
Allowed
Suspicious
hasAllowed: False cancel
hasSuspicious: False cancel

URLs
Allowed
hasURLs: True check_circle
Suspicious: http://nsis.sf.net/nsis_error
hasAllowed: False cancel
hasSuspicious: True check_circle

Files
Allowed: %s%S.dll, ADVAPI32.dll, SHELL32.dll, USER32.dll, KERNEL32.dll, COMCTL32.dll, ole32.dll, GDI32.dll
hasFiles: True check_circle
Suspicious
hasAllowed: True check_circle
hasSuspicious: False cancel

Binary
Sizes
RVA
RVA: 16
Suspicious: False cancel
Code
Size: 141824
Suspicious: False cancel
Image
Address: 4194304
Suspicious: False cancel
Stack
Stack: 4096
Suspicious: False cancel
Headers
Headers: 1024
Suspicious: False cancel
Suspicious: False cancel

Symbols
Number
Number: 0
Suspicious: True check_circle
Pointer
Pointer: 0
Suspicious: True check_circle
Directories
Number: 16
Suspicious: False cancel

Checksum
Value: 0
Suspicous: True check_circle

Sections
Allowed: .text, .rdata, .data, .ndata, .rsrc
Suspicious
hasAllowed: True check_circle
hasSections: True check_circle
hasSuspicious: False cancel

Versions
OS
Version: 4
Suspicious: False cancel
Image
Version: False cancel
Suspicious: 4
Linker
Version: 6.0
Suspicious: False cancel
Subsystem
Version: 4.0
Suspicious: False cancel
Suspicious: False cancel

EntryPoint
Address: 13477
Suspicious: False cancel

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True check_circle

Libraries
Allowed: advapi32.dll, shell32.dll, user32.dll, kernel32.dll, comctl32.dll, ole32.dll, gdi32.dll
hasLibs: True check_circle
Suspicious: %s%s.dll
hasAllowed: True check_circle
hasSuspicious: True check_circle

Timestamp
Past: False cancel
Valid: True check_circle
Value: 2018-12-15 20:24:36
Future: False cancel

Compilation
Packed: False cancel
Missing: True check_circle
Packers
Compiled: False cancel
Compilers

Obfuscation
XOR: False cancel
Fuzzing: False cancel

PEDetector
Matches
None
Suspicious
False cancel
Disassembly
hasTricks
True check_circle
Tricks
pushpopmath
.rsrc: 1

AVclass
johnnie
1
VirusTotal
md5
8441682e667205ae7caa39845078c36d
sha1
5ef079a079754ef4c710c73a144b7e3ce949fe85
SCANS (DETECTION RATE = 65.28%)
AVG
result: Win32:Malware-gen
update: 20191110
version: 18.4.3895.0
detected: True check_circle

CMC
update: 20190321
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=84)
update: 20191110
version: 2019.9.16.1
detected: True check_circle

APEX
result: Malicious
update: 20191110
version: 5.84
detected: True check_circle

Bkav
update: 20191109
version: 1.3.0.9899
detected: False cancel

K7GW
result: Riskware ( 0040eff71 )
update: 20191110
version: 11.76.32507
detected: True check_circle

ALYac
result: Gen:Variant.Johnnie.197910
update: 20191110
version: 1.1.1.5
detected: True check_circle

Avast
result: Win32:Malware-gen
update: 20191110
version: 18.4.3895.0
detected: True check_circle

Avira
result: HEUR/AGEN.1044581
update: 20191110
version: 8.3.3.8
detected: True check_circle

Baidu
update: 20190318
version: 1.0.0.2
detected: False cancel

Cyren
result: W32/Trojan.QNRH-0622
update: 20191110
version: 6.2.2.2
detected: True check_circle

DrWeb
result: Trojan.MulDrop11.25973
update: 20191110
version: 7.0.41.7240
detected: True check_circle

GData
result: Gen:Variant.Johnnie.197910
update: 20191110
version: A:25.23920B:26.16596
detected: True check_circle

Panda
result: Trj/CI.A
update: 20191109
version: 4.6.4.2
detected: True check_circle

VBA32
update: 20191106
version: 4.2.0
detected: False cancel

VIPRE
result: Trojan.Win32.Generic!BT
update: 20191110
version: 79214
detected: True check_circle

Zoner
update: 20191109
version: 1.0.0.1
detected: False cancel

ClamAV
update: 20191109
version: 0.102.0.0
detected: False cancel

Comodo
update: 20191110
version: 31702
detected: False cancel

F-Prot
update: 20191110
version: 4.7.1.166
detected: False cancel

Ikarus
result: Trojan.Win32.Injector
update: 20191109
version: 0.1.5.2
detected: True check_circle

McAfee
result: Artemis!8441682E6672
update: 20191110
version: 6.0.6.653
detected: True check_circle

Rising
update: 20191110
version: 25.0.0.24
detected: False cancel

Sophos
result: Mal/Generic-S
update: 20191110
version: 4.98.0
detected: True check_circle

Yandex
result: Trojan.Injector!JUPZKmcEavc
update: 20191108
version: 5.5.2.24
detected: True check_circle

Zillya
result: Trojan.Inject.Win32.299683
update: 20191108
version: 2.0.0.3946
detected: True check_circle

Acronis
update: 20191018
version: 1.1.1.58
detected: False cancel

Alibaba
result: Trojan:Win32/Injector.176fd957
update: 20190527
version: 0.3.0.5
detected: True check_circle

Arcabit
result: Trojan.Johnnie.D30516
update: 20191110
version: 1.0.0.861
detected: True check_circle

Cylance
result: Unsafe
update: 20191110
version: 2.3.1.101
detected: True check_circle

Endgame
result: malicious (high confidence)
update: 20190918
version: 3.0.15
detected: True check_circle

FireEye
result: Generic.mg.8441682e667205ae
update: 20191110
version: 29.7.0.0
detected: True check_circle

TACHYON
update: 20191110
version: 2019-11-10.01
detected: False cancel

Tencent
update: 20191110
version: 1.0.0.1
detected: False cancel

ViRobot
result: Trojan.Win32.Z.Johnnie.2169522
update: 20191109
version: 2014.3.20.0
detected: True check_circle

Webroot
update: 20191110
version: 1.0.0.403
detected: False cancel

eGambit
update: 20191110
version: v5.0.6
detected: False cancel

Ad-Aware
result: Gen:Variant.Johnnie.197910
update: 20191110
version: 3.0.5.370
detected: True check_circle

AegisLab
result: Trojan.Win32.Inject.4!c
update: 20191110
version: 4.2
detected: True check_circle

Emsisoft
result: Gen:Variant.Johnnie.197910 (B)
update: 20191031
version: 2018.12.0.1641
detected: True check_circle

F-Secure
result: Trojan.TR/AD.NsisInject.mxsaj
update: 20191110
version: 12.0.86.52
detected: True check_circle

Fortinet
result: W32/Injector.XJUB!tr
update: 20191110
version: 5.4.247.0
detected: True check_circle

Invincea
result: heuristic
update: 20190904
version: 6.3.6.26157
detected: True check_circle

Jiangmin
update: 20191110
version: 16.0.100
detected: False cancel

Kingsoft
update: 20191110
version: 2013.8.14.323
detected: False cancel

Paloalto
update: 20191110
version: 1.0
detected: False cancel

Symantec
result: ML.Attribute.HighConfidence
update: 20191110
version: 1.11.0.0
detected: True check_circle

Trapmine
update: 20190826
version: 3.1.81.800
detected: False cancel

AhnLab-V3
result: Malware/Win32.Generic.C3536408
update: 20191109
version: 3.16.4.25692
detected: True check_circle

Antiy-AVL
result: Trojan/Win32.Azden
update: 20191110
version: 3.0.0.1
detected: True check_circle

Kaspersky
result: HEUR:Trojan.Win32.Inject.gen
update: 20191110
version: 15.0.1.13
detected: True check_circle

MaxSecure
update: 20191021
version: 1.0.0.1
detected: False cancel

Microsoft
result: Trojan:Win32/Occamy.C
update: 20191110
version: 1.1.16500.1
detected: True check_circle

Qihoo-360
result: Win32/Trojan.0cc
update: 20191110
version: 1.0.0.1120
detected: True check_circle

ZoneAlarm
result: HEUR:Trojan.Win32.Inject.gen
update: 20191110
version: 1.0
detected: True check_circle

Cybereason
update: 20190616
version: 1.2.449
detected: False cancel

ESET-NOD32
result: a variant of Win32/Injector.EIOK
update: 20191110
version: 20322
detected: True check_circle

TrendMicro
result: TROJ_GEN.R011C0PK119
update: 20191110
version: 11.0.0.1006
detected: True check_circle

BitDefender
result: Gen:Variant.Johnnie.197910
update: 20191110
version: 7.2
detected: True check_circle

CrowdStrike
result: win/malicious_confidence_60% (D)
update: 20190702
version: 1.0
detected: True check_circle

K7AntiVirus
result: Riskware ( 0040eff71 )
update: 20191110
version: 11.76.32507
detected: True check_circle

SentinelOne
result: DFI - Malicious PE
update: 20190807
version: 1.0.31.22
detected: True check_circle

Avast-Mobile
update: 20191108
version: 191108-00
detected: False cancel

Malwarebytes
update: 20191109
version: 2.1.1.1115
detected: False cancel

TotalDefense
update: 20191109
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
result: Trojan.Inject
update: 20191109
version: 14.00
detected: True check_circle

NANO-Antivirus
result: Virus.Win32.Gen-Crypt.ccnc
update: 20191110
version: 1.0.134.24859
detected: True check_circle

BitDefenderTheta
result: Gen:NN.ZedlaF.32245.cu4@aiRXSRni
update: 20191108
version: 7.2.37796.0
detected: True check_circle

MicroWorld-eScan
result: Gen:Variant.Johnnie.197910
update: 20191110
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20191108
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: BehavesLike.Win32.AdwareLinkury.vc
update: 20191110
version: v2017.3010
detected: True check_circle

TrendMicro-HouseCall
update: 20191110
version: 10.0.0.1040
detected: False cancel

total
72
sha256
6e3117cdf202705e171b20a5e87e3c64e2a2ff5607caf155e39be045d930fdd9
scan_id
6e3117cdf202705e171b20a5e87e3c64e2a2ff5607caf155e39be045d930fdd9-1573364532
resource
8441682e667205ae7caa39845078c36d
positives
47
scan_date
2019-11-10 05:42:12
verbose_msg
Scan finished, information embedded
response_code
1
File
Trace
</
4/5/2020 - 10:45:42.965Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
4/5/2020 - 10:45:42.965Open1480C:\malware.exeC:\Windows\SysWOW64\rpcss.dll
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nls
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Windows\Globalization\Sorting\SortDefault.nlsSortDefault.nls
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\SysWOW64\shell32.dll
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\malware.exe.Local
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Windows\WindowsShell.Manifest
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Windows\WindowsShell.ManifestWindowsShell.Manifest
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000000.db
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\Desktop\desktop.ini
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\Users\Behemot\Desktop\desktop.ini
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Users\Behemot\Desktop\desktop.ini
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nse1B2.tmp
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nse1B2.tmp
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\Monitor\Files\DeletedFiles
4/5/2020 - 10:45:43.12Delete1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nse1B2.tmp
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nse1B2.tmp
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Unknown1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Open1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.12Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.28Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.28Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.28Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.28Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.28Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\bin
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\plugins
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Monitor
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\43.opends60.dll
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\43.opends60.dll
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\43.opends60.dll43.opends60.dll
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\43.opends60.dll43.opends60.dll
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\225RTLx86enuVCHeaders.cab225RTLx86enuVCHeaders.cab
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nhdlc.ko
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vshost32.exe
4/5/2020 - 10:45:43.43Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vshost32.exe
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.43Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vshost32.exe
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vshost32.exe
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vshost32.exe
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dll
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dll
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ftrace-bisect.sh
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ftrace-bisect.sh
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ftrace-bisect.shftrace-bisect.sh
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ftrace-bisect.shftrace-bisect.sh
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ftrace-bisect.shftrace-bisect.sh
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\sakwui06s.gif
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\sakwui06s.gif
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\sakwui06s.gifsakwui06s.gif
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\sakwui06s.gifsakwui06s.gif
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\sakwui06s.gifsakwui06s.gif
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\vnd.sun.xml.draw.xml
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\vnd.sun.xml.draw.xml
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\vnd.sun.xml.draw.xmlvnd.sun.xml.draw.xml
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\vnd.sun.xml.draw.xmlvnd.sun.xml.draw.xml
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\vnd.sun.xml.draw.xmlvnd.sun.xml.draw.xml
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\bin
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\distributecolumns.png
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\distributecolumns.png
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\distributecolumns.pngdistributecolumns.png
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\distributecolumns.pngdistributecolumns.png
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\r300-basic.drv
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\r300-basic.drv
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\r300-basic.drvr300-basic.drv
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\r300-basic.drvr300-basic.drv
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\r300-basic.drvr300-basic.drv
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\12d1157d
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\12d1157d
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.59Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\12d1157d
4/5/2020 - 10:45:43.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\12d1157d
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\DbgClr.exe
4/5/2020 - 10:45:43.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\DbgClr.exe
4/5/2020 - 10:45:43.59Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\DbgClr.exe
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\DbgClr.exe
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\DbgClr.exe
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ch04---internal-and-external-firewalls.gif
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ch04---internal-and-external-firewalls.gif
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ch04---internal-and-external-firewalls.gifch04---internal-and-external-firewalls.gif
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ch04---internal-and-external-firewalls.gifch04---internal-and-external-firewalls.gif
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ch04---internal-and-external-firewalls.gifch04---internal-and-external-firewalls.gif
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\wbemDC.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\win32-software.xml
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\win32-software.xml
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\win32-software.xmlwin32-software.xml
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\win32-software.xmlwin32-software.xml
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\win32-software.xmlwin32-software.xml
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\installutil.exe
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\installutil.exe
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\installutil.exeinstallutil.exe
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\installutil.exeinstallutil.exe
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\libisc.so.169
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\libisc.so.169
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\libisc.so.169libisc.so.169
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\libisc.so.169libisc.so.169
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\scstyleapply.png
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\scstyleapply.png
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\scstyleapply.pngscstyleapply.png
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\scstyleapply.pngscstyleapply.png
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\noscript.css
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\noscript.css
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\noscript.css
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\noscript.css
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\malware.exe
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu1C3.tmp
4/5/2020 - 10:45:43.75Write1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\subtype\ActiveSyncBootstrap.dllActiveSyncBootstrap.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dll
4/5/2020 - 10:45:43.75Read1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\vsjitdebuggerui.dllvsjitdebuggerui.dll
4/5/2020 - 10:45:43.75Open1480C:\malware.exeC:\share\snmp\snmpconf-data\snmpd-data
4/5/2020 - 10:45:43.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
4/5/2020 - 10:45:43.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
4/5/2020 - 10:45:43.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
4/5/2020 - 10:45:43.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\AppPatch\sysmain.sdb
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Unknown1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows
4/5/2020 - 10:45:43.106Unknown1480C:\malware.exeC:\Windows
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Unknown1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Unknown1480C:\malware.exeC:\Windows\SysWOW64
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.106Read1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Unknown1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
4/5/2020 - 10:45:43.122Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
4/5/2020 - 10:45:43.122Unknown1480C:\malware.exeC:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dllapi-ms-win-downlevel-shell32-l1-1-0.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\SysWOW64\ieframe.dll
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\malware.exe.Local
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.122Unknown1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.122Open1480C:\malware.exeC:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.137Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsz231.tmp
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.137Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp242.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp243.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp244.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp245.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp246.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp247.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp248.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp249.tmp
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25A.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25B.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25C.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25D.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25E.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf25F.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf260.tmp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf261.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu271.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu272.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu273.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu274.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu275.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu276.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu277.tmp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu278.tmp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk289.tmp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk28A.tmp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk28B.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa338.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa339.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33A.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33B.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33C.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33D.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33E.tmp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa33F.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp34F.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp350.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp351.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp352.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp353.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp354.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp355.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp356.tmp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.387Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp357.tmp
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.403Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.403Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf368.tmp
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.403Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.403Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.403Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf369.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf406.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf407.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf408.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf409.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf40A.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf40B.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf40C.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf40D.tmp
4/5/2020 - 10:45:43.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv41E.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv41F.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv420.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv421.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv422.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv423.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv424.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv425.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv426.tmp
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl437.tmp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv4C4.tmp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv4C5.tmp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv4C6.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg554.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg555.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg556.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg557.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg558.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg559.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg55A.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg55B.tmp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg55C.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv56C.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv56D.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv56E.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv56F.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv570.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv571.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv572.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv573.tmp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv574.tmp
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl585.tmp
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:43.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:43.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl586.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl623.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl624.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl625.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl626.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl627.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl628.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl629.tmp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.59Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl62A.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb63B.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb63C.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb63D.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb63E.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb63F.tmp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.75Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb640.tmp
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr651.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6DE.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6DF.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E0.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E1.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E2.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E3.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E4.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb6E5.tmp
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.231Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6F6.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6F7.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6F8.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6F9.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6FA.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6FB.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6FC.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6FD.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr6FE.tmp
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.247Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.262Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.262Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.262Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.262Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.262Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.262Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg70E.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7CB.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7CC.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7CD.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7CE.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7CF.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7D0.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7D1.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm7D2.tmp
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.450Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E3.tmp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E4.tmp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E5.tmp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E6.tmp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E7.tmp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc7E8.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc885.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc886.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc887.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc888.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc889.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc88A.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc88B.tmp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc88C.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr89C.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr89D.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr89E.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr89F.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr8A0.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr8A1.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr8A2.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr8A3.tmp
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.637Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.653Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr8B4.tmp
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.653Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.653Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.653Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh8B5.tmp
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss8F5.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B1.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B2.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B3.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B4.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B5.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx9B6.tmp
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9C7.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9C8.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9C9.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CA.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CB.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CC.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CD.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CE.tmp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsn9CF.tmp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc9DF.tmp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc9E0.tmp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:44.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc9E1.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA7F.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA80.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA81.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA82.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA83.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA84.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA85.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA86.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsdA87.tmp
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA97.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA98.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA99.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9A.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9B.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9C.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9D.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9E.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssA9F.tmp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nssAA0.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB1.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB2.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB3.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB4.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB5.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB6.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB7.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB8.tmp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiAB9.tmp
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.200Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiB08.tmp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyB67.tmp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyB68.tmp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyB69.tmp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyB6A.tmp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyB6B.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstB9B.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstB9C.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstB9D.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstB9E.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstB9F.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstBA0.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstBA1.tmp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nstBA2.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB2.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB3.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB4.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB5.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB6.tmp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiBB7.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC54.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC55.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC56.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC57.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC58.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC59.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC5A.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC5B.tmp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsiC5C.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC6D.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC6E.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC6F.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC70.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC71.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC72.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC73.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC74.tmp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyC75.tmp
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoC86.tmp
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjCB6.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD14.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD15.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD16.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD17.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD18.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD19.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD1A.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD1B.tmp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsyD1C.tmp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoD2D.tmp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoD2E.tmp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoD2F.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD5F.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD60.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD61.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD62.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD63.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD64.tmp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.747Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjD65.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE02.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE03.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE04.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE05.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE06.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE07.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE08.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsjE09.tmp
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1A.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1B.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1C.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1D.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1E.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE1F.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE20.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE21.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszE22.tmp
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoE32.tmp
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoE33.tmp
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:45.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:45.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsoE34.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED2.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED3.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED4.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED5.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED6.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED7.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED8.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspED9.tmp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nspEDA.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEEA.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEEB.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEEC.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEED.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEEE.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEEF.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEF0.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEF1.tmp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.106Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nseEF2.tmp
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuF03.tmp
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuF04.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA1.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA2.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA3.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA4.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA5.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA6.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA7.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA8.tmp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.278Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsuFA9.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBA.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBB.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBC.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBD.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBE.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFBF.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFC0.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFC1.tmp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.293Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nskFC2.tmp
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszFD2.tmp
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nszFD3.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1071.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1072.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1073.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1074.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1075.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1076.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1077.tmp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.465Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1078.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp1088.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp1089.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108A.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108B.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108C.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108D.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108E.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp108F.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp1090.tmp
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.481Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf10A1.tmp
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf10A2.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu10B2.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu10B3.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu10B4.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu10B5.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsu10B6.tmp
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10C7.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10C8.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10C9.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CA.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CB.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CC.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CD.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CE.tmp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk10CF.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E0.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E1.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E2.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E3.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E4.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E5.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E6.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E7.tmp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.543Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa10E8.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10F8.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10F9.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10FA.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10FB.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10FC.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10FD.tmp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.559Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsp10FE.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf110F.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1110.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1111.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1112.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1113.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1114.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf1115.tmp
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.575Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1126.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1127.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1128.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1129.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv112A.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv112B.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv112C.tmp
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.590Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk113C.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk113D.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk113E.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk113F.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk1140.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk1141.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk1142.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsk1143.tmp
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.606Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1154.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1155.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1156.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1157.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1158.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa1159.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa115A.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa115B.tmp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.622Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa115C.tmp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa11AB.tmp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa11AC.tmp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa11AD.tmp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa11AE.tmp
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11BF.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C0.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C1.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C2.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C3.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C4.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C5.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C6.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsq11C7.tmp
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11D7.tmp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11D8.tmp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11D9.tmp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11DA.tmp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11DB.tmp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf11DC.tmp
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.809Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.809Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.809Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsf122B.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128A.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128B.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128C.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128D.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128E.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv128F.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1290.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1291.tmp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsv1292.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A3.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A4.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A5.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A6.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A7.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A8.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12A9.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12AA.tmp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl12AB.tmp
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa12BB.tmp
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\
4/5/2020 - 10:45:46.934Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.934Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:46.934Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsa12BC.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135A.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135B.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135C.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135D.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135E.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb135F.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1360.tmp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.90Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1361.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A0.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A1.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A2.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A3.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A4.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A5.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A6.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A7.tmp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.153Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl13A8.tmp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb13B9.tmp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb13BA.tmp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.168Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb13BB.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl1448.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl1449.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl144A.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl144B.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl144C.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsl144D.tmp
4/5/2020 - 10:45:47.309Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb145E.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb145F.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1460.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1461.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1462.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1463.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1464.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1465.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsb1466.tmp
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.325Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1477.tmp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1478.tmp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1479.tmp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr147A.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1517.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1518.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr1519.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr151A.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr151B.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr151C.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr151D.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr151E.tmp
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.497Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr152E.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg152F.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1530.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1531.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1532.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1533.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1534.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1535.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1536.tmp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsg1537.tmp
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw1548.tmp
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.528Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.528Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.528Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw1549.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15E6.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15E7.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15E8.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15E9.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15EA.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15EB.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15EC.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15ED.tmp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.684Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsw15EE.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm15FF.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1600.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1601.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1602.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1603.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1604.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1605.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1606.tmp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsm1607.tmp
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc1618.tmp
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc1619.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16B6.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16B7.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16B8.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16B9.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16BA.tmp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.872Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc16BB.tmp
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr16CB.tmp
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.887Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.887Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.887Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsr16CC.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16DD.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16DE.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16DF.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16E0.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16E1.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16E2.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16E3.tmp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.903Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh16E4.tmp
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx16F5.tmp
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\
4/5/2020 - 10:45:47.918Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.918Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:47.918Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsx16F6.tmp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss17C2.tmp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss17C3.tmp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss17C4.tmp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss17C5.tmp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.122Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss17C6.tmp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh17D6.tmp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh17D7.tmp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.137Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsh17D8.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc1808.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc1809.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180A.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180B.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180C.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180D.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180E.tmp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.184Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsc180F.tmp
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.200Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.200Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.200Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss1820.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18AE.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18AF.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B0.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B1.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B2.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B3.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B4.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B5.tmp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.340Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd18B6.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18C6.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18C7.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18C8.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18C9.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18CA.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18CB.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18CC.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18CD.tmp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.356Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss18CE.tmp
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.372Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.372Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.372Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsi18DF.tmp
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.512Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.512Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.512Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nss196C.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A29.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2A.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2B.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2C.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2D.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2E.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A2F.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A30.tmp
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.700Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsy1A41.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A42.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A43.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A44.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A45.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A46.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A47.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A48.tmp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.715Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nso1A49.tmp
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd1A59.tmp
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.731Unknown1480C:\malware.exeC:\
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\GetStarted.html
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C\Users\Behemot\AppData\Roaming\Microsoft\Windows\Start MenuGroup\Get Started.lnk
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.731Unknown1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp
4/5/2020 - 10:45:48.731Open1480C:\malware.exeC:\Users\Behemot\AppData\Local\Temp\nsd1A5A.tmp
4/5/2020 - 10:45:48.872Open1480C:\malware.exeC:\
4/5/2020 - 10:45:48.872Unknown1480C:\malware.exeC:\