Engine | Download Report | Detection | Info |
---|---|---|---|
| | malicious, Score: 80 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| | malicious, Score: 100 | System: Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301). Run Condition: Suspected Instruction Hammering |
IP | Country | Detection |
---|---|---|
172.217.168.46 | United States | |
116.0.120.83 | Malaysia | |
142.250.186.33 | United States |
Name | IP | Detection |
---|---|---|
cselegance.com | 116.0.120.83 | |
drive.google.com | 172.217.168.46 | |
googlehosted.l.googleusercontent.com | 142.250.186.33 | |
doc-0c-28-docs.googleusercontent.com | 0.0.0.0 | |
mail.cselegance.com | 0.0.0.0 |
Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Roaming\tKZVPq\tKZVPq.exe |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ar-SA\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\cs-CZ\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\cs-CZ\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\com.microsoft.defender.be.chrome.json |
ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ca-ES\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ca-ES\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ca-ES-valencia\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\bs-Latn-BA\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\bn-IN\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\bg-BG\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\bg-BG\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\az-Latn-AZ\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\as-IN\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\cy-GB\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ar-SA\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\am-ET\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\af-ZA\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ThirdPartyNotices.txt |
ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ProtectionManagement_uninstall.mof |
C source, Little-endian UTF-16 Unicode text, with CRLF, CR line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ProtectionManagement.mof |
C source, Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ProtectionManagement.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpWDOScan.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpThreatDetection.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpThreatCatalog.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpThreat.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-GB\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-MX\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-MX\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-ES\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-ES\ProtectionManagement.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-ES\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\es-ES\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\endpointdlp.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-US\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-US\ProtectionManagement.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-US\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-US\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\en-GB\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\cs-CZ\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\el-GR\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\el-GR\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\el-GR\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\de-DE\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\de-DE\ProtectionManagement.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\de-DE\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\de-DE\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\da-DK\mpuxagent.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\da-DK\MpEvMsg.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\da-DK\MpAsDesc.dll.mui |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpSignature.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\DefenderCSP.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpAzSubmit.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpAsDesc.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Windows-Windows Defender.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Antimalware-Service.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Antimalware-RTP.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Antimalware-Protection.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Antimalware-NIS.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Microsoft-Antimalware-AMFilter.man |
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Drivers\WdNisDrv.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Drivers\WdFilter.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Drivers\WdDevFlt.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Drivers\WdBoot.sys |
PE32+ executable (native) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpClient.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\ConfigSecurityPolicy.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\mpavdlta.vdm |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\mpavbase.vdm |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\mpasdlta.vdm |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\mpasbase.vdm |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\MpSigStub.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\1.349.0.0_to_1.351.0.0_mpavbase.vdm._p |
data | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\1.349.0.0_to_1.351.0.0_mpasbase.vdm._p |
data | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\24D82C9E-A161-4073-AC5C-CF18E1F4A1E0\1.1.18500.10_to_1.1.18600.4_mpengine.dll._p |
data | # | |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\tKZVPq.exe.log |
ASCII text, with CRLF line terminators | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF60A.tmp.xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpUpdate.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpScan.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpPreference.cdxml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpPerformanceReport.Format.ps1xml |
XML 1.0 document, ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpPerformanceRecording.wprp |
XML 1.0 document, UTF-8 Unicode (with BOM) text | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpPerformanceRecording.psm1 |
ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\MSFT_MpComputerStatus.cdxml |
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\Powershell\Defender.psd1 |
ASCII text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\NisSrv.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MsMpLics.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MsMpEng.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpUxAgent.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF50F.tmp.WERInternalMetadata.xml |
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpSvc.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpSigStub.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpRtp.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpOAV.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpEvMsg.dll |
PE32+ executable (DLL) (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpDlpCmd.exe |
PE32+ executable (console) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpDetoursCopyAccelerator.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpDetours.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpCopyAccelerator.exe |
PE32+ executable (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpCommu.dll |
PE32+ executable (DLL) (GUI) x86-64, for MS Windows | # | |
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\85F3688C-80F4-4AE9-A600-CCB6F7611E7D\MpCmdRun.exe |
PE32+ executable (console) x86-64, for MS Windows | # |