Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DL100AGM.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DL100PDFL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\7z.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\7z.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\DirectX.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\WinRAR.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\setup64.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\setup64.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\setup64.exe.manifest
|
exported SGML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\DirectX\wget.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\GFSDK_ShadowLib.win64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\GPUPerfAPIDX11-x64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\MXF_SDK_GenericContainer_AES3_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\MXF_SDK_GenericContainer_AVI_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\MXF_SDK_GenericContainer_SystemScheme1_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\MXF_SDK_Modules_DataIO_1.4.22_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\adbeape.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\boost_system.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\MXF_SDK_GenericContainer_AES3_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\MXF_SDK_GenericContainer_AVI_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\MXF_SDK_GenericContainer_SystemScheme1_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\MXF_SDK_Modules_DataIO_1.4.22_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\PRM.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\PlugPlugExternalObject.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\boost_system.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_config_mp2m.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_config_mp2v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_config_mp4v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_config_mpa.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_config_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_dec_spic.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_demux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_enc_mp2sr.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_enc_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_mux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_trans_audio_converter.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mc_trans_video_framerate.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mfc100chs.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\mfc100cht.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\data\update.db
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\libGLESv2.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_config_mp2m.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_config_mp2v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_config_mp4v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_config_mpa.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_config_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_dec_spic.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_demux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_enc_mp2sr.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_enc_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_mux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_trans_audio_converter.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mc_trans_video_framerate.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mfc100chs.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\mfc100cht.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\ImageMetaData.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\ImageStitcher.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\InterfaceCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\InterfaceCreation.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\InterfaceUnique.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\CGRCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\DX8_Camera.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\DX8_MotionSet.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\DX8_SysInfo.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\DX8_TextOut.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\ESM_SaveTextFile.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\FileDialog.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\FloatTexture.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\GFSDK_ShadowLib.win64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\GPUPerfAPIDX11-x64.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\GUISkin.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\GroupBuffer.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InstanceContainer.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InstanceRefHash.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InstanceRefSphereTree.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InstanceRefTree.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InterfaceChannel.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\InterfaceFunction.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\Object.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\Surface.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\TextFilter.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\Win32_Font.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\XMLDOMCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\bin\libGLESv2.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\CopyImage.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DL100AGM.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DL100PDFL.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DX8_DirectInput.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DX8_ImportObject.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DX8_MatrixInterpolateSet.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DX8_SoundFile2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\DX8_UserInput.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\FModSound.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\FileLoader.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\Image.Services.Core.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\Internet.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\ObjectDataCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\SAXParser.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\SceneContainerCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\StyleTransfer.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\Tesselator.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\VectorOperator.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\config\img\XMLDOMObject.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\ImageMetaData.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\ImageStitcher.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\InterfaceCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\InterfaceCreation.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\InterfaceUnique.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\JSONCommand.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\JAWTAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\JAWTAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\JavaAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\JavaAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\WindowsAccessBridge-32.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\WindowsAccessBridge.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\awt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\bci.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\dcpr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\decora_sse.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\deploy.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\dt_shmem.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\dt_socket.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\eula.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\fontmanager.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\fxplugins.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\glass.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\glib-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\gstreamer-lite.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\hprof.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\instrument.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\j2pcsc.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\j2pkcs11.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jaas_nt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\java.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\java_crw_demo.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\javacpl.cpl
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\javafx_font.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\javafx_font_t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\javafx_iio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jawt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jdwp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jfr.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jfxmedia.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jfxwebkit.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jli.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jp2iexp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jp2native.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jp2ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jpeg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jsdt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jsound.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\jsoundds.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\kcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\lcms.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\management.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\mlib_image.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\msvcp120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\msvcr100.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\net.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\nio.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\npt.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\prism_common.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\prism_d3d.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\prism_sw.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\resource.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\splashscreen.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\ssv.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\sunec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\sunmscapi.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\t2k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\unpack.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\verify.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\w2k_lsa_auth.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\wsdetect.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\bin\zip.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\AppInfo\platforms\jre\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\boe55dv2.gbx\data\adbeape.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\unarchiver.log
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DL100AGM.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\7z.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\7z.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\DirectX.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\WinRAR.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\setup64.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\setup64.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\setup64.exe.manifest
|
exported SGML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\DirectX\wget.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\adbeape.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\boost_system.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\d3dcompiler_47.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\MXF_SDK_GenericContainer_AES3_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\MXF_SDK_GenericContainer_AVI_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\MXF_SDK_GenericContainer_SystemScheme1_4.5.16_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\MXF_SDK_Modules_DataIO_1.4.22_vs10.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\PRM.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\PlugPlugExternalObject.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\boost_system.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_config_mp2m.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_config_mp2v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_config_mp4v.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_config_mpa.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_config_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_dec_spic.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_demux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_enc_mp2sr.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_enc_pcm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_mux_dv.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_trans_audio_converter.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mc_trans_video_framerate.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mfc100chs.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\mfc100cht.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\AppInfo\data\update.db
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l\data\adbeape.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\Downloads\NordVPN-10_11.zip (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\Downloads\NordVPN-10_11.zip.crdownload
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\Downloads\NordVPN-7_8.zip (copy)
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\Downloads\NordVPN-7_8.zip.crdownload
|
Zip archive data, at least v1.0 to extract, compression method=store
|
dropped
|
There are 211 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\7za.exe
|
C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\boe55dv2.gbx" "C:\Users\user\Downloads\NordVPN-10_11.zip
|
 |
|
|
C:\Windows\SysWOW64\7za.exe
|
C:\Windows\System32\7za.exe" x -pinfected -y -o"C:\Users\user\AppData\Local\Temp\wgjorgwf.g2l" "C:\Users\user\Downloads\NordVPN-7_8.zip
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB
--service-sandbox-type=none --mojo-platform-channel-handle=1952 --field-trial-handle=1816,i,5108959396523626248,12215149392874120257,131072
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationTargetPrediction /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" "https://vpn-get.com/nordvpn
|
||
|
C:\Windows\SysWOW64\unarchiver.exe
|
C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Downloads\NordVPN-10_11.zip
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\unarchiver.exe
|
C:\Windows\SysWOW64\unarchiver.exe" "C:\Users\user\Downloads\NordVPN-7_8.zip
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://vpn-get.com/nordvpn
|
|||
|
http://anglebug.com/1085
|
unknown
|
||
|
https://crbug.com/650547call_clear_twiceUsing
|
unknown
|
||
|
http://anglebug.com/3502
|
unknown
|
||
|
http://anglebug.com/3623
|
unknown
|
||
|
http://anglebug.com/3625
|
unknown
|
||
|
http://anglebug.com/3624
|
unknown
|
||
|
http://anglebug.com/2970
|
unknown
|
||
|
http://anglebug.com/3027
|
unknown
|
||
|
http://anglebug.com/3246allow_clear_for_robust_resource_initSome
|
unknown
|
||
|
http://crbug.com/772651
|
unknown
|
||
|
http://www.rarlab.com/themes.htm
|
unknown
|
||
|
http://anglebug.com/2978
|
unknown
|
||
|
http://crbug.com/650547
|
unknown
|
||
|
http://crbug.com/883276
|
unknown
|
||
|
http://crbug.com/941620dont_translate_uniform_block_to_structured_bufferFails
|
unknown
|
||
|
https://vpn-get.com/
|
|||
|
http://anglebug.com/4384
|
unknown
|
||
|
http://anglebug.com/3452
|
unknown
|
||
|
http://www.rarlab.com
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://anglebug.com/1512
|
unknown
|
||
|
http://anglebug.com/4428
|
unknown
|
||
|
http://crbug.com/398694
|
unknown
|
||
|
http://anglebug.com/3498
|
unknown
|
||
|
https://crbug.com/705865
|
unknown
|
||
|
http://anglebug.com/2046
|
unknown
|
||
|
http://anglebug.com/4267
|
unknown
|
||
|
http://crbug.com/110263
|
unknown
|
||
|
http://anglebug.com/3016
|
unknown
|
||
|
https://crbug.com/650547
|
unknown
|
||
|
http://crbug.com/809422
|
unknown
|
||
|
https://crbug.com/1046462
|
unknown
|
||
|
http://www.datalogics.com
|
unknown
|
||
|
http://crbug.com/642227
|
unknown
|
||
|
http://anglebug.com/1637
|
unknown
|
||
|
http://anglebug.com/2727
|
unknown
|
||
|
http://anglebug.com/3859
|
unknown
|
||
|
http://crbug.com/398694ANGLE_DEFAULT_PLATFORMvulkanvulkan-nullswiftshadergld3d11nullGPU.ANGLE.Displa
|
unknown
|
||
|
http://anglebug.com/482
|
unknown
|
||
|
https://crbug.com/593024select_view_in_geometry_shaderThe
|
unknown
|
||
|
http://anglebug.com/2152
|
unknown
|
||
|
http://anglebug.com/2273
|
unknown
|
||
|
http://anglebug.com/3045
|
unknown
|
||
|
http://anglebug.com/3243
|
unknown
|
||
|
http://anglebug.com/4490
|
unknown
|
||
|
http://crbug.com/308366
|
unknown
|
||
|
http://anglebug.com/3205
|
unknown
|
||
|
https://crbug.com/593024
|
unknown
|
||
|
http://crbug.com/565179
|
unknown
|
||
|
https://crbug.com/655534use_system_memory_for_constant_buffersCopying
|
unknown
|
||
|
http://anglebug.com/2514
|
unknown
|
||
|
http://anglebug.com/3206
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://anglebug.com/3246
|
unknown
|
||
|
http://anglebug.com/4214
|
unknown
|
||
|
http://crbug.com/941620
|
unknown
|
||
|
http://anglebug.com/3729
|
unknown
|
||
|
http://crbug.com/830046
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://crbug.com/403957
|
unknown
|
||
|
https://crbug.com/710443
|
unknown
|
||
|
http://anglebug.com/3153
|
unknown
|
||
|
http://crbug.com/672380
|
unknown
|
||
|
http://crbug.com/709351
|
unknown
|
||
|
http://anglebug.com/3078
|
unknown
|
||
|
http://anglebug.com/4442
|
unknown
|
||
|
http://crbug.com/849576
|
unknown
|
||
|
http://crbug.com/927470
|
unknown
|
||
|
http://anglebug.com/2152skip_vs_constant_register_zeroIn
|
unknown
|
||
|
http://anglebug.com/3997
|
unknown
|
||
|
http://crbug.com/642605
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
http://anglebug.com/4405
|
unknown
|
||
|
https://vpn-get.com/nordvpn
|
|||
|
http://anglebug.com/1452
|
unknown
|
||
|
http://javafx.com/
|
unknown
|
||
|
http://javafx.com/vp6decoderflvdemux
|
unknown
|
||
|
http://anglebug.com/1936
|
unknown
|
||
|
http://crbug.com/797243
|
unknown
|
||
|
http://anglebug.com/2703
|
unknown
|
||
|
http://crbug.com/644669
|
unknown
|
||
|
https://crbug.com/655534
|
unknown
|
There are 72 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.203.106
|
unknown
|
United States
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
162.55.188.142
|
unknown
|
United States
|
||
|
142.250.203.110
|
unknown
|
United States
|
||
|
5.45.85.133
|
unknown
|
Russian Federation
|
||
|
193.3.17.197
|
unknown
|
Denmark
|
||
|
8.8.8.8
|
unknown
|
United States
|
||
|
172.217.168.68
|
unknown
|
United States
|
||
|
172.217.168.45
|
unknown
|
United States
|
||
|
172.217.168.67
|
unknown
|
United States
|
||
|
185.215.4.79
|
unknown
|
Denmark
|
||
|
104.192.141.1
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
52.216.240.12
|
unknown
|
United States
|
||
|
92.223.124.62
|
unknown
|
Austria
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 7 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\SysWOW64\unarchiver.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\SysWOW64\unarchiver.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blocklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_USERSS-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry
|
TraceTimeLast
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
There are 45 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B3E000
|
stack
|
page read and write
|
||
|
760393E000
|
stack
|
page read and write
|
||
|
2F9A000
|
trusted library allocation
|
page read and write
|
||
|
10A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
DBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
1A9852F9000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
1A985059000
|
heap
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page read and write
|
||
|
298F000
|
trusted library allocation
|
page read and write
|
||
|
2987000
|
trusted library allocation
|
page read and write
|
||
|
52DD000
|
stack
|
page read and write
|
||
|
10A0000
|
trusted library allocation
|
page read and write
|
||
|
1A985093000
|
heap
|
page read and write
|
||
|
1A9852F0000
|
heap
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
1A985250000
|
unclassified section
|
page read and write
|
||
|
6E0000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
remote allocation
|
page read and write
|
||
|
131F000
|
stack
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
DF5000
|
heap
|
page read and write
|
||
|
DAA000
|
trusted library allocation
|
page execute and read and write
|
||
|
517E000
|
stack
|
page read and write
|
||
|
1A985280000
|
heap
|
page readonly
|
||
|
1A98509B000
|
heap
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
750000
|
remote allocation
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
74C000
|
stack
|
page read and write
|
||
|
11E0000
|
heap
|
page execute and read and write
|
||
|
7603E7E000
|
stack
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
1A985230000
|
trusted library allocation
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
2F6B000
|
trusted library allocation
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
1A985150000
|
heap
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
AFC000
|
stack
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
7FC60000
|
trusted library allocation
|
page execute and read and write
|
||
|
7603C79000
|
stack
|
page read and write
|
||
|
10BF000
|
stack
|
page read and write
|
||
|
2F73000
|
trusted library allocation
|
page read and write
|
||
|
10AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A985030000
|
heap
|
page read and write
|
||
|
1A9850A3000
|
heap
|
page read and write
|
||
|
D56000
|
stack
|
page read and write
|
||
|
1090000
|
heap
|
page execute and read and write
|
||
|
10F0000
|
heap
|
page read and write
|
||
|
2FCA000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
73C000
|
stack
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
5180000
|
trusted library allocation
|
page read and write
|
||
|
2B10000
|
trusted library allocation
|
page execute and read and write
|
||
|
3FE1000
|
trusted library allocation
|
page read and write
|
||
|
B56000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
770000
|
remote allocation
|
page read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
2F6E000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A985290000
|
trusted library allocation
|
page read and write
|
||
|
7603CFF000
|
stack
|
page read and write
|
||
|
299A000
|
trusted library allocation
|
page read and write
|
||
|
1A9851C0000
|
trusted library allocation
|
page read and write
|
||
|
1A984F00000
|
trusted library allocation
|
page read and write
|
||
|
1A985300000
|
trusted library allocation
|
page read and write
|
||
|
135E000
|
stack
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
1A984EF0000
|
heap
|
page read and write
|
||
|
2F3E000
|
trusted library allocation
|
page read and write
|
||
|
121F000
|
stack
|
page read and write
|
||
|
750000
|
remote allocation
|
page read and write
|
||
|
FBF000
|
stack
|
page read and write
|
||
|
DFB000
|
heap
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
D05000
|
heap
|
page read and write
|
||
|
2980000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
trusted library allocation
|
page read and write
|
||
|
7603DF9000
|
stack
|
page read and write
|
||
|
76038BC000
|
stack
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
63D000
|
stack
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
1A9850A3000
|
heap
|
page read and write
|
||
|
2B25000
|
heap
|
page read and write
|
||
|
A5C000
|
stack
|
page read and write
|
||
|
1A9850A3000
|
heap
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
C3F000
|
stack
|
page read and write
|
||
|
10AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
1A9852F5000
|
heap
|
page read and write
|
||
|
E2E000
|
heap
|
page read and write
|
||
|
3C0000
|
trusted library allocation
|
page read and write
|
||
|
7F0000
|
trusted library allocation
|
page read and write
|
||
|
DC8000
|
heap
|
page read and write
|
||
|
7F3D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
108A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
DB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A985050000
|
heap
|
page read and write
|
||
|
2F66000
|
trusted library allocation
|
page read and write
|
||
|
10D7000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
2FF2000
|
trusted library allocation
|
page read and write
|
||
|
1A985095000
|
heap
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
1A985DF0000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
D5B000
|
stack
|
page read and write
|
||
|
E4D000
|
heap
|
page read and write
|
||
|
E42000
|
heap
|
page read and write
|
||
|
C5D000
|
stack
|
page read and write
|
||
|
2F32000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
2B20000
|
trusted library allocation
|
page read and write
|
||
|
511D000
|
stack
|
page read and write
|
||
|
B5A000
|
stack
|
page read and write
|
||
|
2FFA000
|
trusted library allocation
|
page read and write
|
||
|
2F63000
|
trusted library allocation
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
2F21000
|
trusted library allocation
|
page read and write
|
||
|
2F59000
|
trusted library allocation
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
555E000
|
stack
|
page read and write
|
||
|
2FE1000
|
trusted library allocation
|
page read and write
|
||
|
E1A000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
539E000
|
unkown
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
3F21000
|
trusted library allocation
|
page read and write
|
||
|
2F40000
|
trusted library allocation
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
DEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
770000
|
remote allocation
|
page read and write
|
||
|
10F2000
|
trusted library allocation
|
page read and write
|
||
|
DE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A985270000
|
trusted library allocation
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
545E000
|
stack
|
page read and write
|
||
|
10EF000
|
stack
|
page read and write
|
||
|
1A986000000
|
trusted library allocation
|
page read and write
|
||
|
E2A000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
1A9851D0000
|
trusted library allocation
|
page read and write
|
||
|
549E000
|
unkown
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
DA2000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
10DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
521D000
|
stack
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
7603D7E000
|
stack
|
page read and write
|
||
|
2FCD000
|
trusted library allocation
|
page read and write
|
||
|
2F3A000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
remote allocation
|
page read and write
|
||
|
2F4E000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A9852A0000
|
trusted library allocation
|
page read and write
|
||
|
525E000
|
stack
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
FEE000
|
stack
|
page read and write
|
||
|
76039BE000
|
stack
|
page read and write
|
There are 182 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://vpn-get.com/nordvpn
|
||
|
https://vpn-get.com/
|