VirSCAN

1. You can upload any file no larger than 20 MB.
2. VirSCAN can scan compressed files in ZIP and RAR format, provided the archive contains no more than 20 files.
3. VirSCAN can scan compressed files protected with the passwords 'infected' and 'virus'.

dc7b1e0ca1a08f0d9be8e152a8113b81    Combined analysis report
Virscan.org multi-engine scan report
Basic information
File name:dc7b1e0ca1a08f0d9be8e152a8113b81
File size:103140
File type:PE32 executable (GUI) Intel 80386, for MS Windows
Submission time:2019-08-19 06:20:19
MD5:dc7b1e0ca1a08f0d9be8e152a8113b81
sha1:c9d4342a669c949de781b4290f962acb0a4476de
sha256:dd4a1f70d6e81afd65bda9051dcb0ef219da431f9e4caa8d99fee78c1781baaf
enviorment_description:Windows 7 32 bit (HWP Support)
total_processes:0
total_signatures:0
file_analysis: 0
mitre_attcks:0
Document analysis report
uuid:java:java.util.UUID
xmlns:http://www.misp-project.org/
Event
id:9d230556-d7c9-4a9a-8248-ab0eb5711db7
date:2019-08-18
info:Falcon Sandbox auto-generated for "dd4a1f70d6e81afd65bda9051dcb0ef219da431f9e4caa8d99fee78c1781baaf"
analysis:2
distribution:1
published:1
Attribute
category:External analysis
type:link
value:https://www.hybrid-analysis.com/search?query=dd4a1f70d6e81afd65bda9051dcb0ef219da431f9e4caa8d99fee78c1781baaf
distribution:1
category:External analysis
type:comment
value:Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution:1
category:Network activity
type:user-agent
value:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
distribution:1
category:Network activity
type:domain|ip
value:ahmediye.net|78.46.2.155
distribution:1
category:Network activity
type:domain|ip
value:althawry.org|173.231.184.56
distribution:1
category:Network activity
type:domain|ip
value:ampyazilim.com.tr|37.230.104.89
distribution:1
category:Network activity
type:domain|ip
value:amsamex.com|206.189.61.126
distribution:1
category:Network activity
type:domain|ip
value:apple-pie.in|162.217.98.133
distribution:1
category:Network activity
type:domain|ip
value:arthur.niria.biz|162.217.98.133
distribution:1
category:Network activity
type:domain
value:g2.arrowhitech.com
distribution:1
category:Network activity
type:domain|ip
value:www.careerdesk.org|118.67.248.123
distribution:1
category:Network activity
type:ip-dst
value:85.17.167.196
distribution:1
category:Network activity
type:ip-dst
value:173.231.184.56
distribution:1
category:Network activity
type:ip-dst
value:118.67.248.123
distribution:1
category:Network activity
type:ip-dst
value:162.217.98.133
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\xmtaf.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\xmtaf.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\xmtaf.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\xmtaf.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\gfjqv.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\gfjqv.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\gfjqv.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\gfjqv.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:Z:\autorun.inf|353b2587df8fe6c8b4a57ba142fa5b88
distribution:1
category:Payload installation
type:filename|sha1
value:Z:\autorun.inf|60568da4214cfddb48b9a511219649f476b5a3e7
distribution:1
category:Payload installation
type:filename|sha256
value:Z:\autorun.inf|7a025c2a91a0d1200a5774f8a06e6af7c24332dece513179b63609cc3ba5cae9
distribution:1
category:Payload installation
type:filename|sha512
value:Z:\autorun.inf|01829b0ea134edc728e53d3831adb4b42f9145d474aa4071407e9f7058aafed235875fbeee4ecc6722d03f8032e2589d04fb5d1d40c6c8d32e9dffe4ab9d2c4a
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\winfiakmk.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\winfiakmk.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\winfiakmk.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\winfiakmk.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\wingvywad.exe|25aa9bb549ecc7bb6100f8d179452508
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\wingvywad.exe|a3bea5e2138d1558109fa26d46e2f79c3a20228f
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\wingvywad.exe|df83a0d6940600e4c4954f4874fcd4dd73e781e6690c3bf56f51c95285484a3c
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\wingvywad.exe|12e26fa999faf2ca017a49987be5c668930495c26c789e19863097e5b0555add90ecdbb397521436acb47d7f2dfd5029b9b4beed16877ac7df854b3321642e37
distribution:1
category:Payload installation
type:filename|md5
value:C:\yorqoc.exe|246e18138f354de4aec200f0034dbdf2
distribution:1
category:Payload installation
type:filename|sha1
value:C:\yorqoc.exe|1981633421cf9a0517f0b94645529410c392915b
distribution:1
category:Payload installation
type:filename|sha256
value:C:\yorqoc.exe|dd0a2e9af9569ebeb348f4f656ee1fbe68530e49d049bb708568f77a0668cd16
distribution:1
category:Payload installation
type:filename|sha512
value:C:\yorqoc.exe|550217721697dea41226eefc79b7769bc36702bf8f50cbabd80a14f8f66d86358cdbf9e1d9dd51196b234115a3d3871f98941214cc7068bf5392f99af4c032cb
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\saey.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\saey.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\saey.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\saey.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\winybnp.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\winybnp.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\winybnp.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\winybnp.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\lvgslx.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\lvgslx.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\lvgslx.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\lvgslx.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\xkjom.exe|97626fcec9ae572693dd7c077710a00a
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\xkjom.exe|7c0359005c598576a8a5f5ddb28127a6bb00b921
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\xkjom.exe|cf333f589f4d6ee207ec78f0c793e87104e4e6f0e6efe9a3f36a1d338a5cf542
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\xkjom.exe|876f900d87d1133222ef8070631bc2650ca640ab950b5355ff7de8fa93c54f9f4087c42dbfa71705972886781347457ceae01c08b5e3a7f9b100e5d999d5f5d0
distribution:1
category:Payload installation
type:filename|md5
value:%TEMP%\winjyciy.exe|25aa9bb549ecc7bb6100f8d179452508
distribution:1
category:Payload installation
type:filename|sha1
value:%TEMP%\winjyciy.exe|a3bea5e2138d1558109fa26d46e2f79c3a20228f
distribution:1
category:Payload installation
type:filename|sha256
value:%TEMP%\winjyciy.exe|df83a0d6940600e4c4954f4874fcd4dd73e781e6690c3bf56f51c95285484a3c
distribution:1
category:Payload installation
type:filename|sha512
value:%TEMP%\winjyciy.exe|12e26fa999faf2ca017a49987be5c668930495c26c789e19863097e5b0555add90ecdbb397521436acb47d7f2dfd5029b9b4beed16877ac7df854b3321642e37
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\1DDF0AZA.txt|38ca37d55332b3ec15ab064033ad69f0
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\1DDF0AZA.txt|567a70fefc2c31252184e9ba701e72b120bdfc0b
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\1DDF0AZA.txt|f5177be6615ad356b1c8e3f3d0541cb710d2c8b29efaf2ecf7a95142c3d69901
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\1DDF0AZA.txt|522e0cc3010662f0b25fc9632ff390fb7cb1084689e18afea4218552ecda86b8edb543e109f6c853f03e47b6f5437689c63346be40b59032d08834b84f008b53
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\HZE2B2E9.txt|af5fb886204e2a8f23d0d7c2a5f26bd6
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\HZE2B2E9.txt|39a0362c9a2b9f945bf538b129d021bfe8be2d26
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\HZE2B2E9.txt|d1f0f365f91a9b511d80cb602ca50729de3d020a21e4830a0afaf43a492cb2fd
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\HZE2B2E9.txt|4cf4f48268196d079f5705429c61314a79e3c02ce660075b840e1f2b52df24b600c1927bf39d045eb81e255c4cf7170c5e30875a9baef221ae9d293bed831e69
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\J12ZDVUE.txt|3a624b4083a8ce873cf06905b744a967
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\J12ZDVUE.txt|8b36f4b12cf98c2a403ddda730efb9a9b4bd36d2
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\J12ZDVUE.txt|4f69b374c8d56b7fd4d39f1856be3c7cbc58045dfd2671659f8b26c723ebe4ca
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\J12ZDVUE.txt|ae158bb31f452163a353966f8271bcb6dd1dbec97ab0e949a9e546e7a86e4c02ee1054223464b2f97af45623bd40b31044b3463b904d0259b6e297182615280d
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\E8DSIUYV.txt|869819d208c66ecf8d8d7a2b26b61e32
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\E8DSIUYV.txt|4e91bd20d0d54da7da93468807527e91fa887ab1
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\E8DSIUYV.txt|797ae18dd6b8cc81c68b4bd02988ea59d129a605a43872e42446c947fab81a83
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\E8DSIUYV.txt|607f873bbae9ad64b1eef7aac95f5cccd1f1d891941408cced439c66172490843b6479b1769d7f3695ad35d613c38723a235eaaa73b855b241d1abc8e7abe6ca
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\WB5S1TZG.txt|9aecd87d3c7468a12c2f7f585c993960
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\WB5S1TZG.txt|f6cea22f40d5278c8014bc3ac5c91f2287c2941c
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\WB5S1TZG.txt|58d869b4bab0d235b8b675fc67f5fdc08869dc23bb8a7f493f3c1c2c03ae98f6
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\WB5S1TZG.txt|8f3c8d16da7294b5b561ad838ea42e7057088cab82d3ebe09bc42d02cd6d850cfeeb1a20a29ca1b766845477ae1ffb859c1f620513ca227d4e939b5b00b7c418
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\23AOM29Y.txt|8d3e539655eb0c8385a50aba16abd5e1
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\23AOM29Y.txt|5bf14a63c79ac5d77836f8f77a6ec43d623a350e
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\23AOM29Y.txt|d1e893b8698b215fdd58da03f573b783061a1d2f05d8e6e87fbf61218d729d1e
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\23AOM29Y.txt|684e22a7406b9bba7dab5efa7856fb8642fcc5e38f7ddd2a0f07c89ec969b4da49fdac8d46df9e298f5598fabbb9806673e3fd3a084345d5c91eb915772e6f68
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\IXRO8UDP.txt|30ac7c3b47e4896e650b3bb0d1ee7995
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\IXRO8UDP.txt|f29abc73a4142614273c323de5c3d863e8d7016e
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\IXRO8UDP.txt|7b9919ecd15a318a78dedb8a7f6ceb924c5c98595ce12394143f0dc8bd2583e2
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\IXRO8UDP.txt|ad349892d9c8603e1fe2e3e0869096e75be9bcb35e01f9d33c889c597deaf25af9782ff6bd22f93e311074b8074f559cf99e45ba296fced800a8f555d59d166f
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\N2B025R7.txt|9c5cdb77e01a7de84c38b873013bc230
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\N2B025R7.txt|a0915d593cc47f4ce5f5642b01e8bb3f14f7e514
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\N2B025R7.txt|22c1e587b4a9b314f153d3483bd9a6abbb23381120d807c92dae04e5c6c87dd9
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\N2B025R7.txt|31b7f44610baa57e628cc9a0204a9e596d6cb65c360255b08189e56718e4643c32bedc87008c2e2bf68c04df5a86178f2e83bc65ab4498411d6e2aa14805c261
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\ALKZYMKA.txt|567c315006f5ef39892c754cf1c91fa9
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\ALKZYMKA.txt|dfcda9729545947e14be4e236251fd8432e58d5a
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\ALKZYMKA.txt|12dd780080d883425ec9e67fcb7fa6e196aa5b763993b356081d2707b5a26f3f
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\ALKZYMKA.txt|8d45f7d557d2c34560354feca8a0775d34f5287756eb3c556432ac5a628579d0e1a5954d972cb325f2672e58b271390c066ebe03f814dffc9c158fdbd0cf98fd
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\OFZIQMKL.txt|3fdcfffcafe0e4951bf8563bca44c7a9
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\OFZIQMKL.txt|dabdbc56078fb17f368b8642d1cc565d1e0db2c5
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\OFZIQMKL.txt|ceec7ab7bb854a877a7ef409d807f9c7ced5f1c400496f3572d40c71010dbdf2
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\OFZIQMKL.txt|63fa0e59bf442acc6e1e7d39f965de202f79aa16058c0735eb89b8dbaee7c928baa11003cb3a788b51fc7e5ec20734c0839cfe26e94c9ab68b6202ac5cfedcc3
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\SQ1ZBZJ6.txt|c7be7d12215a4a1739874e7fd5d8701b
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\SQ1ZBZJ6.txt|e065ebf36b2223ea7d67b6b6068a3523c6c477fe
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\SQ1ZBZJ6.txt|c73ccd42ea1afd2cc104098ee6daadd0a202a76e85421920413407229f04521f
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\SQ1ZBZJ6.txt|cae024d92e9da91d828ffc39f5fc1fbd56e783d78586e5d562b20da6f733fa2f43b67176a17e1f758564fdd118c7982bd0d950273d2223ba7705e495332beea5
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\QI22319K.txt|649c231a75bce1e6da804aab74cc6eec
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\QI22319K.txt|b0aeffd13bb76924a33ddae1c83546d25f6c3e54
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\QI22319K.txt|b868cacc7e4712e9975d90ad030be7e606be1ee5602d621b02fa623974b5168e
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\QI22319K.txt|d044638f7b572c23d1df9a3a8c21077623862b2ae85fcc95c955c066935eeba084e820bfed9192f5ee7248e2359db25d7f16c8c0bfeebea9d5e45dc7fe99fce3
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\OX3O0N7W.txt|78dc31bb4ab7ccd5d0039ba4935f34d5
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\OX3O0N7W.txt|327e1c593c1179a426c7336a3286d8019cfdc665
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\OX3O0N7W.txt|8f0ef89ef87f2968198ae9c5aab4303433bb889b12a60aa12cdfc3c762712810
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\OX3O0N7W.txt|e7e68cc1c183416fb55d7592361205a561995ef0d9be74cb2af96df08f9a7fb356de53adb29ff3d54d90fa610dad511b7631b7d8e7f6b69b4f0faed6a5524f46
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\D25RAJPZ.txt|6cfc0bc57bed010f3780da008f0336dc
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\D25RAJPZ.txt|fa21f12fcf06be07272ae3a735d8dc3ab6057aae
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\D25RAJPZ.txt|57b3e45627673781b075976a6c6d5d35074e79efd0d424958630ab189ca0eb30
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\D25RAJPZ.txt|273732cda80fe52e078aa82cc5154dfaa640a53b94dc80a3c32708ae538c7db348f9c9415e97aee76e653458a77737b4095fa121483922199a3a1692cc9b5a9e
distribution:1
category:Payload installation
type:filename|md5
value:%APPDATA%\Microsoft\Windows\Cookies\IFL10I4T.txt|815b29f1642097109063e15b9396acb1
distribution:1
category:Payload installation
type:filename|sha1
value:%APPDATA%\Microsoft\Windows\Cookies\IFL10I4T.txt|7d228d84ff5f946d736acc6e497b7556d27123fd
distribution:1
category:Payload installation
type:filename|sha256
value:%APPDATA%\Microsoft\Windows\Cookies\IFL10I4T.txt|663adfc8c766c456be401ae8bed2309e7242a16741fcf3052b6ba67d1ae95c3a
distribution:1
category:Payload installation
type:filename|sha512
value:%APPDATA%\Microsoft\Windows\Cookies\IFL10I4T.txt|88c0c166e061a497f60779f81e0dcaff0c294bc72a641018f1906365eea258751a0aa69d7efe60a5349f0b8ac6301d477c0c22cc3a06640607f9139924545197
distribution:1
category:Network activity
type:ip-dst
value:206.189.61.126
distribution:1
category:Network activity
type:ip-dst
value:78.46.2.155
distribution:1
category:Network activity
type:ip-dst
value:37.230.104.89
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDDEN|02000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\ANTIVIRUSOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\ANTIVIRUSDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\FIREWALLDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\FIREWALLOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\UPDATESDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\UACDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\ANTIVIRUSOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\ANTIVIRUSDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\FIREWALLDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\FIREWALLOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\UPDATESDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\UACDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\GLOBALUSEROFFLINE|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM\ENABLELUA|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\ENABLEFIREWALL|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\DONOTALLOWEXCEPTIONS|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\STANDARDPROFILE\DISABLENOTIFICATIONS|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\-23962560\1431322952|88000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\-23962560\-1432321392|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\-23962560\-998440|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\-23962560\1430324512|23000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\-23962560\-1433319832|0B010000
distribution:1
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H1_0|5511A7C4
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H2_0|68260000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H3_0|296A0301
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H4_0|00000000
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\smss.exeM_264_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\csrss.exeM_340_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\csrss.exeM_388_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wininit.exeM_396_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\services.exeM_440_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\winlogon.exeM_464_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\lsass.exeM_492_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\lsm.exeM_500_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_604_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_732_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_828_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_868_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_900_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_928_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1204_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\spoolsv.exeM_1344_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_1420_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1428_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dwm.exeM_1500_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1740_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_988_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_2344_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wmiprvse.exeM_2556_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wmiprvse.exeM_1340_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_2972_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_4076_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2244_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dc7b1e0ca1a08f0d9be8e152a8113b81.exeM_588_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\rundll32.exeM_1900_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dllhost.exeM_3800_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1204_
distribution:1
category:Artifacts dropped
type:mutex
value:explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2244_
distribution:1
category:Artifacts dropped
type:mutex
value:winlogon.exeM_464_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_1340_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_828_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_868_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1740_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_2556_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_2972_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_900_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_1420_
distribution:1
category:Artifacts dropped
type:mutex
value:dwm.exeM_1500_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_988_
distribution:1
category:Artifacts dropped
type:mutex
value:lsass.exeM_492_
distribution:1
category:Artifacts dropped
type:mutex
value:smss.exeM_264_
distribution:1
category:Artifacts dropped
type:mutex
value:wininit.exeM_396_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_2344_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1428_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_340_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_388_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_732_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_604_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_4076_
distribution:1
category:Artifacts dropped
type:mutex
value:spoolsv.exeM_1344_
distribution:1
category:Artifacts dropped
type:mutex
value:lsm.exeM_500_
distribution:1
category:Artifacts dropped
type:mutex
value:services.exeM_440_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_3800_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_928_
distribution:1
category:Artifacts dropped
type:mutex
value:dc7b1e0ca1a08f0d9be8e152a8113b81.exeM_588_
distribution:1
category:Artifacts dropped
type:mutex
value:rundll32.exeM_1900_
distribution:1
category:Artifacts dropped
type:mutex
value:uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:Ap1mutx7
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Ap1mutx7
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\{FD4316C2-FF33-42BF-BE78-39051EB67EC2}\WPADDECISIONREASON|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\{FD4316C2-FF33-42BF-BE78-39051EB67EC2}\WPADDECISIONTIME|408B9C101E56D501
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\{FD4316C2-FF33-42BF-BE78-39051EB67EC2}\WPADDECISION|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\{FD4316C2-FF33-42BF-BE78-39051EB67EC2}\WPADNETWORKNAME|4E006500740077006F0072006B002000200033000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\00-00-5E-00-01-01\WPADDECISIONREASON|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\00-00-5E-00-01-01\WPADDECISIONTIME|408B9C101E56D501
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WPAD\00-00-5E-00-01-01\WPADDECISION|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\PROXYENABLE|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CONNECTIONS\SAVEDLEGACYSETTINGS|46000000F10100000900000000000000000000000000000004000000000000003071E4E2286CD3010000000000000000000000000100000002000000C0A8F0D2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\UNCASINTRANET|00000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\AUTODETECT|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\CONTENT\CACHEPREFIX|0000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\COOKIES\CACHEPREFIX|43006F006F006B00690065003A000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\CACHE\HISTORY\CACHEPREFIX|56006900730069007400650064003A000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDDEN|02000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\ANTIVIRUSOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\ANTIVIRUSDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\FIREWALLDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\FIREWALLOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\UPDATESDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\UACDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\ANTIVIRUSOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\ANTIVIRUSDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\FIREWALLDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\FIREWALLOVERRIDE|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\UPDATESDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER\SVC\UACDISABLENOTIFY|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H1_0|5511A7C4
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H2_0|68260000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H3_0|296A0301
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\APKFOKX\H4_0|00000000
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1204_
distribution:1
category:Artifacts dropped
type:mutex
value:explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2244_
distribution:1
category:Artifacts dropped
type:mutex
value:winlogon.exeM_464_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_1340_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_828_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_868_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1740_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_2556_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_2972_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_900_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_1420_
distribution:1
category:Artifacts dropped
type:mutex
value:dwm.exeM_1500_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_988_
distribution:1
category:Artifacts dropped
type:mutex
value:lsass.exeM_492_
distribution:1
category:Artifacts dropped
type:mutex
value:smss.exeM_264_
distribution:1
category:Artifacts dropped
type:mutex
value:wininit.exeM_396_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_2344_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1428_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_340_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_388_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_732_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_604_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_4076_
distribution:1
category:Artifacts dropped
type:mutex
value:spoolsv.exeM_1344_
distribution:1
category:Artifacts dropped
type:mutex
value:lsm.exeM_500_
distribution:1
category:Artifacts dropped
type:mutex
value:services.exeM_440_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_3800_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_928_
distribution:1
category:Artifacts dropped
type:mutex
value:dc7b1e0ca1a08f0d9be8e152a8113b81.exeM_588_
distribution:1
category:Artifacts dropped
type:mutex
value:rundll32.exeM_1900_
distribution:1
category:Artifacts dropped
type:mutex
value:uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:Ap1mutx7
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_3780_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_3684_
distribution:1
category:Artifacts dropped
type:mutex
value:rundll32.exeM_3300_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_2168_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_2964_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_3572_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_2420_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_3940_
distribution:1
category:Artifacts dropped
type:mutex
value:Local\ZonesCacheCounterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2396_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_2752_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_2104_
distribution:1
category:Artifacts dropped
type:mutex
value:diagtrackrunner.exeM_596_
distribution:1
category:Artifacts dropped
type:mutex
value:devicedisplayobjectprovider.exeM_2140_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_2552_
distribution:1
category:Artifacts dropped
type:mutex
value:Local\ZonesLockedCacheCounterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_2016_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\smss.exeM_264_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\csrss.exeM_340_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\csrss.exeM_388_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wininit.exeM_396_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\services.exeM_440_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\winlogon.exeM_464_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\lsass.exeM_492_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\lsm.exeM_500_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_604_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_732_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_828_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_868_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_900_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_928_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1204_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\spoolsv.exeM_1344_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_1420_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1428_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dwm.exeM_1500_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_1740_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_988_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_2344_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wmiprvse.exeM_2556_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wmiprvse.exeM_1340_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_2972_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_4076_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2244_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\rundll32.exeM_1900_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\rundll32.exeM_3300_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dllhost.exeM_2016_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dllhost.exeM_2552_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\dllhost.exeM_2104_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_2752_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\diagtrackrunner.exeM_596_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2396_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\compattelrunner.exeM_3684_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_3572_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\compattelrunner.exeM_2420_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\compattelrunner.exeM_2168_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\devicedisplayobjectprovider.exeM_2140_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\wmiprvse.exeM_2964_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\svchost.exeM_3780_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\taskhost.exeM_3940_
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\MUICACHE\A5\52C64B7E\LANGUAGELIST|65006E002D0055005300000065006E0000000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\MUICACHE\A5\52C64B7E\@C:\WINDOWS\SYSTEM32\NTSHRUI.DLL,-103|530026006800610072006500200077006900740068000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\MUICACHE\A5\52C64B7E\@C:\WINDOWS\SYSTEM32\NTSHRUI.DLL,-5112|5300680061007200650020007400680065002000730065006C006500630074006500640020006900740065006D0073002000770069007400680020006F0074006800650072002000700065006F0070006C00650020006F006E00200074006800650020006E006500740077006F0072006B002E000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\NODESLOTS|
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\MRULISTEX|FFFFFFFF
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\0|14001F50E04FD020EA3A6910A2D808002B30309D0000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\MRULISTEX|00000000FFFFFFFF
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\0\0|19002F433A5C000000000000000000000000000000000000000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\0\MRULISTEX|00000000FFFFFFFF
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\NODESLOTS|02
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\0\0\NODESLOT|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGMRU\0\0\MRULISTEX|FFFFFFFF
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\1\SHELL\KNOWNFOLDERDERIVEDFOLDERTYPE|7B00350037003800300037003800390038002D0038004300340046002D0034003400360032002D0042004200360033002D003700310030003400320033003800300042003100300039007D000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\LOCKED|01000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\SHELL\BAGS\1\SHELL\SNIFFEDFOLDERTYPE|470065006E0065007200690063000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\MUICACHE\A5\52C64B7E\@C:\WINDOWS\SYSTEM32\NETWORKEXPLORER.DLL,-1|4E006500740077006F0072006B000000
distribution:1
category:Persistence mechanism
type:regkey|value
value:HKCU\LOCAL SETTINGS\MUICACHE\A5\52C64B7E\@C:\WINDOWS\SYSTEM32\NOTEPAD.EXE,-469|5400650078007400200044006F00630075006D0065006E0074000000
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwWriterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_32.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_96.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_256.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_1024.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_sr.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!ThumbnailCacheInit
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwReaderRefs
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!023b0
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwReaderRefs
distribution:1
category:Artifacts dropped
type:mutex
value:Local\Shell.CMruPidlList
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_256.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_1024.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!ThumbnailCacheInit
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!rwWriterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_96.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_idx.db!023b0
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_32.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:Global\C::Users:%OSUSER%:AppData:Local:Microsoft:Windows:Explorer:thumbcache_sr.db!dfMaintainer
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\Local\Shell.CMruPidlList
distribution:1
category:Artifacts dropped
type:mutex
value:\Sessions\1\BaseNamedObjects\conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1204_
distribution:1
category:Artifacts dropped
type:mutex
value:explorer.exeM_1552_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2244_
distribution:1
category:Artifacts dropped
type:mutex
value:winlogon.exeM_464_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_1340_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_828_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_868_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1740_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_2556_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_2972_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_900_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2776_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_1420_
distribution:1
category:Artifacts dropped
type:mutex
value:dwm.exeM_1500_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_988_
distribution:1
category:Artifacts dropped
type:mutex
value:lsass.exeM_492_
distribution:1
category:Artifacts dropped
type:mutex
value:smss.exeM_264_
distribution:1
category:Artifacts dropped
type:mutex
value:wininit.exeM_396_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_2344_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_1428_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_340_
distribution:1
category:Artifacts dropped
type:mutex
value:csrss.exeM_388_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_732_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_604_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_4076_
distribution:1
category:Artifacts dropped
type:mutex
value:spoolsv.exeM_1344_
distribution:1
category:Artifacts dropped
type:mutex
value:lsm.exeM_500_
distribution:1
category:Artifacts dropped
type:mutex
value:services.exeM_440_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_3800_
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_928_
distribution:1
category:Artifacts dropped
type:mutex
value:dc7b1e0ca1a08f0d9be8e152a8113b81.exeM_588_
distribution:1
category:Artifacts dropped
type:mutex
value:rundll32.exeM_1900_
distribution:1
category:Artifacts dropped
type:mutex
value:uxJLpe1m
distribution:1
category:Artifacts dropped
type:mutex
value:Ap1mutx7
distribution:1
category:Artifacts dropped
type:mutex
value:svchost.exeM_3780_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_3684_
distribution:1
category:Artifacts dropped
type:mutex
value:rundll32.exeM_3300_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_2168_
distribution:1
category:Artifacts dropped
type:mutex
value:wmiprvse.exeM_2964_
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_3572_
distribution:1
category:Artifacts dropped
type:mutex
value:compattelrunner.exeM_2420_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_3940_
distribution:1
category:Artifacts dropped
type:mutex
value:Local\ZonesCacheCounterMutex
distribution:1
category:Artifacts dropped
type:mutex
value:conhost.exeM_2396_
distribution:1
category:Artifacts dropped
type:mutex
value:taskhost.exeM_2752_
distribution:1
category:Artifacts dropped
type:mutex
value:dllhost.exeM_2104_
distribution:1
