Engine | Download Report | Detection | Info |
---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
IP | Country | Detection |
---|---|---|
193.149.129.50 | Denmark | |
172.64.193.26 | United States |
Name | IP | Detection |
---|---|---|
cloud.archive-downloader.com | 193.149.129.50 | |
cdn1.iconfinder.com | 172.64.193.26 |
Name | Detection |
---|---|
https://cloud.archive-downloader.com/s.hta) | |
https://cloud.archive-downloader.com/lsacs.exe-OutFile | |
https://cloud.archive-downloader.com/ | |
Click to see the 84 hidden entries | |
https://cloud.archive-downloader.com/s.hta...6 | |
https://cloud.archive-downloader.comx | |
https://cloud.archive-downloader.com/s.htaLMEMX8U | |
https://cloud.archive-downloader.com/s.htaNNC: | |
https://cloud.archive-downloader.com/lsacs.exe0y | |
https://cloud.archive-downloader.com/s.htaowsINetCookies | |
https://cloud.archive-downloader.com/P | |
https://cloud.archive-downloader.com/lsacs.exeG | |
https://cloud.archive-downloader.com/s.htaC: | |
https://cloud.archive-downloader.com/s.hta... | |
https://cloud.archive-downloader.com/file.pdf0y | |
https://cloud.archive-downloader.com/s.hta | |
https://cloud.archive-downloader.com/s.hta= | |
https://cloud.archive-downloader.com | |
http://cloud.archive-downloader.com | |
https://cloud.archive-downloader.com/lsacs.exe | |
https://cloud.archive-downloader.com/file.pdf | |
https://cloud.archive-downloader.com/s.htaQ | |
https://cloud.archive-downloader.com/s.htaATH= | |
https://cloud.archive-downloader.com/file.pdf-OutFile | |
https://cloud.archive-downloader.com/L | |
https://go.micro | |
http://www.cl.cam.ac.uk/~mgk25/iso-time.html | |
https://cdn1.iconfinder.com/ | |
https://httpbin.org/ | |
http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf | |
http://google.com/mail | |
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings | |
https://contoso.com/Icon | |
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm | |
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf | |
http://www.apache.org/licenses/LICENSE-2.0.html | |
http://google.com/ | |
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf | |
https://twitter.com/ | |
http://www.rfc-editor.org/info/rfc7253 | |
https://github.com/Pester/Pester | |
https://cdn1.iconfinder.com/y | |
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535 | |
https://www.ibm.com/support/knowledgecenter/en/ssw_aix_61/com.ibm.aix.basetrf1/load.htm | |
http://crl.m | |
http://google.com/mail/ | |
http://wwwsearch.sf.net/): | |
https://tools.ietf.org/html/rfc5297 | |
https://packaging.python.org/specifications/entry-points/ | |
http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm | |
https://www.ietf.org/rfc/rfc2898.txt | |
https://contoso.com/License | |
https://nuget.org/nuget.exe | |
https://contoso.com/ | |
https://www.ibm.com/ | |
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6 | |
http://yahoo.com/ | |
https://tools.ietf.org/html/rfc2388#section-4.4 | |
https://api.telegram.org/bot5885840251:AAG8HoCjrI1QANXkA4oqnJ60lgPP7w86Clg/sendMessage?chat_id=56833 | |
https://github.com/Ousret/charset_normalizer | |
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngr | |
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngC: | |
https://httpbin.org/post | |
https://github.com/mhammond/pywin32 | |
http://www.python.org/ | |
http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html | |
https://cloud.google.com/appengine/docs/standard/runtimes | |
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.pngl | |
http://tools.ietf.org/html/rfc5869 | |
https://mahler:8092/site-updates.py | |
http://json.org | |
https://cdn1.iconfinder.com/I | |
http://pesterbdd.com/images/Pester.png | |
https://www.python.org | |
http://httpbin.org/ | |
http://nuget.org/NuGet.exe | |
https://httpbin.org/get | |
http://www.cs.ucdavis.edu/~rogaway/papers/keywrap.pdf | |
https://cdn1.iconfinder.com/data/icons/google_jfk_icons_by_carlosjj/512/chrome.png | |
http://www.tarsnap.com/scrypt/scrypt-slides.pdf | |
https://cdn1.iconfinder.com/; | |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | |
http://speleotrove.com/decimal/decarith.html | |
https://tools.ietf.org/html/rfc3610 | |
https://requests.readthedocs.io | |
https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warningsp | |
http://tools.ietf.org/html/rfc5297 | |
http://www.iana.org/time-zones/repository/tz-link.html |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\ProgramData\lsacs.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_Salsa20.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aes.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
Click to see the 105 hidden entries | |||
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_aesni.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cbc.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_cfb.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ctr.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ecb.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_eksblowfish.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ocb.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Cipher\_raw_ofb.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_BLAKE2s.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_MD5.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA1.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_SHA256.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_clmul.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Hash\_ghash_portable.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Protocol\_scrypt.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_cpuid_c.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\Cryptodome\Util\_strxor.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_bz2.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ctypes.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_decimal.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_elementtree.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_hashlib.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_lzma.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_queue.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_socket.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_sqlite3.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_ssl.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\_uuid.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pyexpat.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\python39.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pythoncom39.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\pywintypes39.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\select.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\sqlite3.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\steal.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\unicodedata.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\win32crypt.pyd |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\ProgramData\file.pdf |
PDF document, version 1.7, 1 pages | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0 |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy) |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF67bdbd.TMP (copy) |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG |
ASCII text | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy) |
ASCII text | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF671596.TMP (copy) |
ASCII text | # | |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links |
data | # | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-230131015135Z-242.bmp |
PC bitmap, Windows 3.x format, 107 x -152 x 32, cbSize 65110, bits offset 54 | # | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages |
SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4, UTF-8, version-valid-for 12 | # | |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal |
SQLite Rollback Journal | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\189397[1].png |
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\s[1].hta |
HTML document, ASCII text, with CRLF line terminators | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive |
data | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a3vxi3je.uda.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cjchyufc.z4k.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dapxgbjs.b5j.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jvlelz22.etj.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pbjyotax.xfw.psm1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_slrsabnf.e3p.ps1 |
very short file (no magic) | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\certifi\cacert.pem |
ASCII text | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libcrypto-1_1.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libffi-7.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\libssl-1_1.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Users\user\AppData\Local\Temp\onefile_7072_133196035266869073\vcruntime140.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Users\user\Desktop\Loginvault.db |
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2 | # |