887aac61...ce9d

C:\Users\FD1HVy\Desktop\Launchy.exe

Sample File

Binary

Malicious

»

Also Known As	C:\WINDOWS\SysWOW64\Still.exe (Dropped File) C:\Users\FD1HVy\AppData\Roaming\Still:bin (Dropped File)
Mime Type	application/vnd.microsoft.portable-executable
File Size	1.08 MB
MD5	6b20ef8fb494cc6e455220356de298d0
SHA1	763d356d30e81d1cd15f6bc6a31f96181edb0b8f
SHA256	887aac61771af200f7e58bf0d02cb96d9befa11deda4e448f0a700ccb186ce9d
SSDeep	1536:rqR6yotxRXulFIkejW9JPZcoD4ZOrt4EqwdRdX/7pisg6Xz4HE7bhjMl9:rqR6PPRWFIZiJPZc6yjwfBJg+Ekxje9
ImpHash	b19e07ce05976bb65fe74f20f79adcdb

PE Information

»

Image Base	0x400000
Entry Point	0x4904c0
Size Of Code	0x90200
Size Of Initialized Data	0x82800
File Type	FileType.executable
Subsystem	Subsystem.windows_gui
Machine Type	MachineType.i386
Compile Timestamp	2020-05-29 19:12:51+00:00

Version Information (8)

»

CompanyName	Code Jelly
FileDescription	Launchy
FileVersion	1.0.0
InternalName	Launchy.exe
LegalCopyright	This is GNU Software copyright Josh Karlin
OriginalFilename	Launchy.exe
ProductName	Launchy
ProductVersion	2.0

Sections (4)

»

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x401000	0x9000f	0x90200	0x400	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ	1.37
.rdata	0x492000	0x7a120	0x7a200	0x90600	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	0.01
.data	0x50d000	0x6a4	0x800	0x10a800	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	4.37
.rsrc	0x50e000	0x7d58	0x7e00	0x10b000	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	6.07

Imports (5)

»

KERNEL32.dll (4)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
LoadLibraryA	0x0	0x50d464	0x10d404	0x10ac04	0x2f1
GetProcAddress	0x0	0x50d468	0x10d408	0x10ac08	0x220
GetLastError	0x0	0x50d46c	0x10d40c	0x10ac0c	0x1e6
GetModuleHandleA	0x0	0x50d470	0x10d410	0x10ac10	0x1f6

USER32.dll (4)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
LoadIconA	0x0	0x50d478	0x10d418	0x10ac18	0x1d6
LoadCursorW	0x0	0x50d47c	0x10d41c	0x10ac1c	0x1d5
GetKeyState	0x0	0x50d480	0x10d420	0x10ac20	0x131
GetListBoxInfo	0x0	0x50d484	0x10d424	0x10ac24	0x13b

GDI32.dll (3)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetStockObject	0x0	0x50d48c	0x10d42c	0x10ac2c	0x1f4
GetEnhMetaFileW	0x0	0x50d490	0x10d430	0x10ac30	0x1c1
GetStretchBltMode	0x0	0x50d494	0x10d434	0x10ac34	0x1f5

ADVAPI32.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetUserNameA	0x0	0x50d49c	0x10d43c	0x10ac3c	0x15e
RegOpenKeyA	0x0	0x50d4a0	0x10d440	0x10ac40	0x259

SHELL32.dll (6)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
SHGetPathFromIDListA	0x0	0x50d4a8	0x10d448	0x10ac48	0xcf
SHBrowseForFolderA	0x0	0x50d4ac	0x10d44c	0x10ac4c	0x77
SHGetFileInfoA	0x0	0x50d4b0	0x10d450	0x10ac50	0xb9
ShellExecuteA	0x0	0x50d4b4	0x10d454	0x10ac54	0x114
SHFileOperationA	0x0	0x50d4b8	0x10d458	0x10ac58	0xa8
SHGetSpecialFolderLocation	0x0	0x50d4bc	0x10d45c	0x10ac5c	0xd8

Digital Signatures (1)

»

Certificate: SCSTXPBIMRJPFWKHAA

»

Issued by	SCSTXPBIMRJPFWKHAA
Country Name	-
Valid From	2020-05-23 19:51:28+00:00
Valid Until	2039-12-31 23:59:59+00:00
Algorithm	sha1_rsa
Serial Number	36 5F 7C AB E7 8B E8 BD 47 FF 30 C6 A9 36 29 51
Thumbprint	1D 65 05 7D D1 1C F6 21 8F B9 A4 25 B6 AC 31 E3 C5 8D D5 08

Memory Dumps (19)

»

Name	Process ID	Start VA	End VA	Dump Reason	Bitness	Entry Point	Actions
launchy.exe	1	0x00400000	0x00515FFF	Relevant Image	32-bit	0x0049037D	... Memory Dump Actions Go to Process Download Dump
buffer	1	0x001D0000	0x001DFFFF	First Execution	32-bit	0x001DEFC0	... Memory Dump Actions Go to Process Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	-	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x004016FC	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x0040861C	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x00405C3A	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x00402001	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x004069D4	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x00404C4A	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x004064BB	... Memory Dump Actions Go to Process Go to AV Match Download Dump
still:bin	2	0x00400000	0x00515FFF	Relevant Image	32-bit	0x0049037D	... Memory Dump Actions Go to Process Download Dump
buffer	2	0x001D0000	0x001DFFFF	First Execution	32-bit	0x001DEFC0	... Memory Dump Actions Go to Process Download Dump
still.exe	31	0x00400000	0x00515FFF	Relevant Image	32-bit	0x00491009	... Memory Dump Actions Go to Process Download Dump
buffer	31	0x001D0000	0x001DFFFF	First Execution	32-bit	0x001DEFC0	... Memory Dump Actions Go to Process Download Dump
buffer	31	0x001E0000	0x001EEFFF	Image In Buffer	32-bit	-	... Memory Dump Actions Go to Process Go to AV Match Download Dump
buffer	2	0x001E0000	0x001EEFFF	Image In Buffer	32-bit	-	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Content Changed	32-bit	0x00404F47	... Memory Dump Actions Go to Process Download Dump
buffer	1	0x001E0000	0x001EEFFF	Image In Buffer	32-bit	-	... Memory Dump Actions Go to Process Go to AV Match Download Dump
launchy.exe	1	0x00400000	0x00515FFF	Process Termination	32-bit	-	... Memory Dump Actions Go to Process Download Dump

\\?\C:\Users\FD1HVy\Documents\4fN5SD.pdf.bbawasted

Dropped File

PDF

Suspicious

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\4fN5SD.pdf (Dropped File)
Mime Type	application/pdf
File Size	83.13 KB
MD5	6234d0bb9a56410015ff59d13ccbe71f
SHA1	b79f30632f907ea88d30d0a99fe2dc7577e46f6f
SHA256	21a2b9bd98cc601e730ab3df634f453813b302479882c9937e797889847c0753
SSDeep	1536:TfW1muf6PNkNUPfY9Xg/ZvJu0U048gFps/wrckvmKAG/O9OPkpzoDobyMw3V8MQ0:TfWPNTWvu0J+WwrcAmKXW9OPAzzbyfl/
ImpHash	-
Error Remark	Could not parse sample file: Unexpected EOF

YARA Matches (2)

»

Rule Name	Rule Description	Classification	Score	Actions
PDF_Missing_startxref	Malformed PDF without startxref; possible obfuscation	-	3/5	... YARA Actions Show Ruleset Show Match
PDF_Missing_EOF	Malformed PDF without EOF marker; possible obfuscation	-	3/5	... YARA Actions Show Ruleset Show Match

C:\Users\FD1HVy\AppData\Roaming\Still

Dropped File

Binary

Whitelisted

»

Also Known As	\\?\C:\WINDOWS\system32\wtsapi32.dll (Dropped File)
Mime Type	application/vnd.microsoft.portable-executable
File Size	52.02 KB
MD5	b77f9ef19e8ccb5276ba726bfdfd9586
SHA1	6038e7a7a9ddcef2f3f05b0422cf42651d571af7
SHA256	fe95762bc8691f85cd7338593edb52b0f2915bcd5cfdf86b9b84e3a9569de1a4
SSDeep	1536:VkuCxtnN7pfKSDKRop4X75lMy5egq9pvbtdPtK:VkuCxpFORoGdakNq9NXFK
ImpHash	62e80de569e3d2b9a30e859918635ac7

File Reputation Information

»

Severity	Whitelisted

PE Information

»

Image Base	0x30000000
Entry Point	0x30002bd0
Size Of Code	0x8c00
Size Of Initialized Data	0x1e00
File Type	FileType.dll
Subsystem	Subsystem.windows_cui
Machine Type	MachineType.i386
Compile Timestamp	2068-04-04 07:41:10+00:00

Version Information (8)

»

CompanyName	Microsoft Corporation
FileDescription	Windows Remote Desktop Session Host Server SDK APIs
FileVersion	10.0.15063.0 (WinBuild.160101.0800)
InternalName	wtsapi32.dll
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	wtsapi32.dll
ProductName	Microsoft® Windows® Operating System
ProductVersion	10.0.15063.0

Sections (6)

»

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x30001000	0x8a8e	0x8c00	0x400	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ	6.28
.data	0x3000a000	0x368	0x200	0x9000	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	0.23
.idata	0x3000b000	0x864	0xa00	0x9200	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	4.33
.didat	0x3000c000	0x104	0x200	0x9c00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	2.3
.rsrc	0x3000d000	0x440	0x600	0x9e00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	2.55
.reloc	0x3000e000	0x6d8	0x800	0xa400	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	6.13

Imports (14)

»

msvcrt.dll (11)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
memcpy_s	0x0	0x3000b0ac	0xb2d8	0x94d8	0x50a
free	0x0	0x3000b0b0	0xb2dc	0x94dc	0x4c5
malloc	0x0	0x3000b0b4	0xb2e0	0x94e0	0x4fd
_initterm	0x0	0x3000b0b8	0xb2e4	0x94e4	0x1e8
_except_handler4_common	0x0	0x3000b0bc	0xb2e8	0x94e8	0x16a
_amsg_exit	0x0	0x3000b0c0	0xb2ec	0x94ec	0x111
memcpy	0x0	0x3000b0c4	0xb2f0	0x94f0	0x509
_XcptFilter	0x0	0x3000b0c8	0xb2f4	0x94f4	0x6f
_wcsupr	0x0	0x3000b0cc	0xb2f8	0x94f8	0x429
swscanf	0x0	0x3000b0d0	0xb2fc	0x94fc	0x54e
memset	0x0	0x3000b0d4	0xb300	0x9500	0x50d

api-ms-win-core-errorhandling-l1-1-1.dll (4)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
SetLastError	0x0	0x3000b00c	0xb238	0x9438	0xd
UnhandledExceptionFilter	0x0	0x3000b010	0xb23c	0x943c	0x11
SetUnhandledExceptionFilter	0x0	0x3000b014	0xb240	0x9440	0xf
GetLastError	0x0	0x3000b018	0xb244	0x9444	0x5

api-ms-win-core-processthreads-l1-1-2.dll (7)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
OpenThreadToken	0x0	0x3000b050	0xb27c	0x947c	0x33
GetCurrentProcess	0x0	0x3000b054	0xb280	0x9480	0xc
GetCurrentProcessId	0x0	0x3000b058	0xb284	0x9484	0xd
GetCurrentThreadId	0x0	0x3000b05c	0xb288	0x9488	0x11
OpenProcessToken	0x0	0x3000b060	0xb28c	0x948c	0x31
TerminateProcess	0x0	0x3000b064	0xb290	0x9490	0x4d
GetCurrentThread	0x0	0x3000b068	0xb294	0x9494	0x10

api-ms-win-core-heap-l2-1-0.dll (3)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
LocalReAlloc	0x0	0x3000b034	0xb260	0x9460	0x5
LocalFree	0x0	0x3000b038	0xb264	0x9464	0x3
LocalAlloc	0x0	0x3000b03c	0xb268	0x9468	0x2

api-ms-win-core-handle-l1-1-0.dll (1)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CloseHandle	0x0	0x3000b02c	0xb258	0x9458	0x0

api-ms-win-core-string-l1-1-0.dll (1)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
WideCharToMultiByte	0x0	0x3000b08c	0xb2b8	0x94b8	0x7

api-ms-win-core-file-l1-2-1.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
ReadFile	0x0	0x3000b020	0xb24c	0x944c	0x47
WriteFile	0x0	0x3000b024	0xb250	0x9450	0x59

api-ms-win-core-io-l1-1-1.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CancelIo	0x0	0x3000b044	0xb270	0x9470	0x0
GetOverlappedResult	0x0	0x3000b048	0xb274	0x9474	0x5

api-ms-win-core-synch-l1-2-0.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
WaitForSingleObject	0x0	0x3000b094	0xb2c0	0x94c0	0x36
Sleep	0x0	0x3000b098	0xb2c4	0x94c4	0x2d

api-ms-win-core-registry-l1-1-0.dll (4)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
RegOpenKeyExW	0x0	0x3000b078	0xb2a4	0x94a4	0x1e
RegSetValueExW	0x0	0x3000b07c	0xb2a8	0x94a8	0x2c
RegCloseKey	0x0	0x3000b080	0xb2ac	0x94ac	0x0
RegQueryValueExW	0x0	0x3000b084	0xb2b0	0x94b0	0x23

api-ms-win-core-profile-l1-1-0.dll (1)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
QueryPerformanceCounter	0x0	0x3000b070	0xb29c	0x949c	0x0

api-ms-win-core-sysinfo-l1-2-1.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetSystemTimeAsFileTime	0x0	0x3000b0a0	0xb2cc	0x94cc	0x14
GetTickCount	0x0	0x3000b0a4	0xb2d0	0x94d0	0x18

ntdll.dll (7)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
RtlMultiByteToUnicodeN	0x0	0x3000b0dc	0xb308	0x9508	0x4a8
NtWaitForSingleObject	0x0	0x3000b0e0	0xb30c	0x950c	0x27a
RtlNtStatusToDosError	0x0	0x3000b0e4	0xb310	0x9510	0x4b4
NtDeviceIoControlFile	0x0	0x3000b0e8	0xb314	0x9514	0x13f
RtlUnicodeToMultiByteSize	0x0	0x3000b0ec	0xb318	0x9518	0x58e
RtlUnicodeToMultiByteN	0x0	0x3000b0f0	0xb31c	0x951c	0x58d
RtlAdjustPrivilege	0x0	0x3000b0f4	0xb320	0x9520	0x2ba

api-ms-win-core-delayload-l1-1-1.dll (2)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
DelayLoadFailureHook	0x0	0x3000b000	0xb22c	0x942c	0x0
ResolveDelayLoadedAPI	0x0	0x3000b004	0xb230	0x9430	0x1

Exports (69)

»

Api name	EAT Address	Ordinal
IsInteractiveUserSession	0x4e70	0x1
QueryActiveSession	0x4e90	0x2
QueryUserToken	0x18d0	0x3
RegisterUsertokenForNoWinlogon	0x4eb0	0x4
WTSCloseServer	0x4340	0x5
WTSConnectSessionA	0x3d60	0x6
WTSConnectSessionW	0x3e20	0x7
WTSCreateListenerA	0x7770	0x8
WTSCreateListenerW	0x7830	0x9
WTSDisconnectSession	0x4f30	0xa
WTSEnableChildSessions	0x3e50	0xb
WTSEnumerateListenersA	0x7e00	0xc
WTSEnumerateListenersW	0x7f00	0xd
WTSEnumerateProcessesA	0x5890	0xe
WTSEnumerateProcessesExA	0x5af0	0xf
WTSEnumerateProcessesExW	0x5b80	0x10
WTSEnumerateProcessesW	0x5e90	0x11
WTSEnumerateServersA	0x4350	0x12
WTSEnumerateServersW	0x44a0	0x13
WTSEnumerateSessionsA	0x4f50	0x14
WTSEnumerateSessionsExA	0x5180	0x15
WTSEnumerateSessionsExW	0x23f0	0x16
WTSEnumerateSessionsW	0x2260	0x17
WTSFreeMemory	0x2870	0x18
WTSFreeMemoryExA	0x3e70	0x19
WTSFreeMemoryExW	0x27b0	0x1a
WTSGetChildSessionId	0x3eb0	0x1b
WTSGetListenerSecurityA	0x8020	0x1c
WTSGetListenerSecurityW	0x80b0	0x1d
WTSIsChildSessionsEnabled	0x3ee0	0x1e
WTSLogoffSession	0x5300	0x1f
WTSOpenServerA	0x4600	0x20
WTSOpenServerExA	0x4620	0x21
WTSOpenServerExW	0x4640	0x22
WTSOpenServerW	0x4660	0x23
WTSQueryListenerConfigA	0x8240	0x24
WTSQueryListenerConfigW	0x8300	0x25
WTSQuerySessionInformationA	0x5320	0x26
WTSQuerySessionInformationW	0x1a00	0x27
WTSQueryUserConfigA	0x6b30	0x28
WTSQueryUserConfigW	0x6cc0	0x29
WTSQueryUserToken	0x18d0	0x2a
WTSRegisterSessionNotification	0x28c0	0x2b
WTSRegisterSessionNotificationEx	0x5490	0x2c
WTSSendMessageA	0x54b0	0x2d
WTSSendMessageW	0x5510	0x2e
WTSSetListenerSecurityA	0x8570	0x2f
WTSSetListenerSecurityW	0x85f0	0x30
WTSSetRenderHint	0x3f20	0x31
WTSSetSessionInformationA	0x5570	0x32
WTSSetSessionInformationW	0x5570	0x33
WTSSetUserConfigA	0x7000	0x34
WTSSetUserConfigW	0x7170	0x35
WTSShutdownSystem	0x3f40	0x36
WTSStartRemoteControlSessionA	0x3fb0	0x37
WTSStartRemoteControlSessionW	0x4060	0x38
WTSStopRemoteControlSession	0x4090	0x39
WTSTerminateProcess	0x6190	0x3a
WTSUnRegisterSessionNotification	0x2920	0x3b
WTSUnRegisterSessionNotificationEx	0x5580	0x3c
WTSVirtualChannelClose	0x6230	0x3d
WTSVirtualChannelOpen	0x6290	0x3e
WTSVirtualChannelOpenEx	0x62b0	0x3f
WTSVirtualChannelPurgeInput	0x62d0	0x40
WTSVirtualChannelPurgeOutput	0x62f0	0x41
WTSVirtualChannelQuery	0x6310	0x42
WTSVirtualChannelRead	0x6410	0x43
WTSVirtualChannelWrite	0x64d0	0x44
WTSWaitSystemEvent	0x40b0	0x45

Digital Signatures (2)

»

Certificate: Microsoft Windows

»

Issued by	Microsoft Windows
Parent Certificate	Microsoft Windows Production PCA 2011
Country Name	US
Valid From	2016-10-11 20:39:31+00:00
Valid Until	2018-01-11 20:39:31+00:00
Algorithm	sha256_rsa
Serial Number	33 00 00 01 06 6E C3 25 C4 31 C9 18 0E 00 00 00 00 01 06
Thumbprint	AF DD 80 C4 EB F2 F6 1D 39 43 F1 8B B5 66 D6 AA 6F 6E 50 33

Certificate: Microsoft Windows Production PCA 2011

»

Issued by	Microsoft Windows Production PCA 2011
Country Name	US
Valid From	2011-10-19 18:41:42+00:00
Valid Until	2026-10-19 18:51:42+00:00
Algorithm	sha256_rsa
Serial Number	61 07 76 56 00 00 00 00 00 08
Thumbprint	58 0A 6F 4C C4 E4 B6 69 B9 EB DC 1B 2B 3E 08 7B 80 D0 67 8D

\\?\C:\588bce7c90097ed212\1025\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1025\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	7.39 KB
MD5	af1a4f6740a8b51683dfd89d520eb729
SHA1	6b02c8e704d2d90de9e0b63fa389b2899c75e567
SHA256	e4ba6c3852c94bb2034dffed5a0fe45150e873b98aba95a2c3a93a71227ef605
SSDeep	192:sf3yLpQxL75CD7sH08JUXthIT2M+bOx7BnT7QUm2:AyLpQxL7YsH08JUXQT2M+s7BnT7QUm2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT .NET FRAMEWORK 4WINDOWSMICROSOFT MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILEWINDOWSMICROSOFTMicrosoft Corporation ().Microsoft Windows () ("")......... 1. f0.Microsoftwww.support.microsoft.com/common/international.aspx . 2. f0MICROSOFT .NET FRAMEWORK .. NET Framework (" NET .")..go.microsoft.com/fwlink/?LinkID=66406 .MicrosoftMicrosoftNET .go.microsoft.com/fwlink/?LinkID=66406 .

\\?\C:\588bce7c90097ed212\1029\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1029\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.64 KB
MD5	b02c48825414edca106c92182d32bc8a
SHA1	cf00219d69e3cff9777babece1ee9d8cdc776ac9
SHA256	c6147000fc34894c724c09cb69ffce75dd1263b69d063f75466d70b67b3c80dd
SSDeep	96:4BfgejTQpTfD/g7OyGBB2nZsEAVxfw8EMpDRI/YFkvvApzdYPBGx2:sfN7OHn2nZsEmf+Oa/c2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

DODATKOV LICENN PODMNKY PRO SOFTWARE SPOLENOSTI MICROSOFTMICROSOFT .NET FRAMEWORK 4 PRO OPERAN SYSTM MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE PRO OPERAN SYSTM MICROSOFT WINDOWS A PIDRUEN JAZYKOV SADY Licenci k~tomuto dodatku vm poskytuje spolenost Microsoft Corporation (nebo nkter z~jejch afilac v~zvislosti na tom, kde bydlte).Mte-li licenci k uit operanho systmu Microsoft Windows (pro nj je tento dodatek uren) (software"), smte tento dodatek uvat.Tento dodatek nesmte uvat, pokud licenci k~softwaru nemte.Kopii tohoto dodatku smte uvat s~kadou platn licencovanou kopi softwaru. Nsledujc licenn podmnky popisuj dal podmnky uvn pro tento dodatek.Na vae uvn tohoto dodatku se vztahuj tyto podmnky a~li cenn podmnky pro software.V~ppad konfliktu plat tyto dodatkov licenn podmnky. Pouitm dodatku pijmte tyto podmnky.Pokud je nepijmte, dodatek nepouvejte.Dodrte-li tyto licenn podmnky, mte nsledujc prva. 1. f0 SLUBY TECHNICK PODPORY PRO DODATEK. Spolenost Microsoft poskytu ...

\\?\C:\588bce7c90097ed212\1029\LocalizedData.xml.bbawasted

Dropped File

Unknown

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1029\LocalizedData.xml (Dropped File)
Mime Type	-
File Size	79.07 KB
MD5	0b6ed582eb557573e959e37ebe2fca6a
SHA1	82c19c7eafb28593f453341eca225873fb011d4c
SHA256	8a0da440261940ed89bad7cd65bbc941cc56001d9aa94515e346d57b7b0838fc
SSDeep	384:4w9jRY/svLov/QvQovOLeyndT/jfB7eyNdT9eTiyn15byYOMbqav8qAMrZEXw/Fm:Wt/jPvoZJZ0z
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1031\LocalizedData.xml.bbawasted

Dropped File

Unknown

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1031\LocalizedData.xml (Dropped File)
Mime Type	-
File Size	80.42 KB
MD5	8505219c0a8d950ff07dc699d8208309
SHA1	7a557356c57f1fa6d689ea4c411e727438ac46df
SHA256	c48986cdb7fe3401234e0a6540eb394c1201846b5beb1f12f83dc6e14674873a
SSDeep	1536:guayUbZwf+2CzQHsjz1VbxzPGnz6solo8xKc6JT/1Sy:JayUtwf+2CzQHshPGnz6solo8xKc6JTd
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1032\LocalizedData.xml.bbawasted

Dropped File

Unknown

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1032\LocalizedData.xml (Dropped File)
Mime Type	-
File Size	84.26 KB
MD5	3bf8da35b14fbcc564e03f6342bb71f2
SHA1	8f9139f0bb813bf95f8c437548738d32848d8940
SHA256	39efe12c689edfea041613b0e4d6ec78afec8fe38a0e4adc656591ffef8f415d
SSDeep	384:4w+7UVysuXHXeXAehlT++sTGoheXrW4MgcyvF773/xSFVQbleaS8tOnjiJLtchH0:+3OQeHll5PunjiJr
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1032\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1032\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	8.67 KB
MD5	2091f5da2bf884f747103a31d2dc947b
SHA1	aad26eb74b793d7de2f466150f609c276d398fb5
SHA256	b7a7f2388600d9d059dcdf300845938e429a0ff16eb03bdece48825805069b7e
SSDeep	192:/foOHY6P6Km5NHMQaEjxPSuHON0SuQI62:R46Pm5Ns0jxpeuQV2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWS - MICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWSMicrosoft Corporation (,).Microsoft Windows () ( ""),.....,.,.,.,. 1. lang1032.Microsoft,www.support.microsoft.com/common/international.aspx . 2. lang1032MICROSOFT .NET FRAMEWORK..NET Framework ( .NET)..~,http://go.microsoft.com/fwlink/?LinkID=66406 .Microsoft,, Microsoft.NET,http://go.microsoft.com/fwlink/?LinkID=66406 .

Embedded URLs (1)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1033\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1033\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	75.42 KB
MD5	326518603d85acd79a6258886fc85456
SHA1	f1cef14bc4671a132225d22a1385936ad9505348
SHA256	665797c7840b86379019e5a46227f888fa1a36a593ea41f9170ef018c337b577
SSDeep	384:4w6JjgKW5D8U2JhrDheHQTBNgNSdfUGNatvcc7QDBuGdSJgkR6Sqzxu:gJsKKIrDPT7lSJYI
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1033\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1033\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.11 KB
MD5	b7129c4881f118fcb38f27cfb00cd36d
SHA1	148989b710205c6a67b3f960567f6daa98d75bda
SHA256	da3d6a6ac223744df01c920eae5f43e017f52350831c4f3f6bb38d78232ea3b4
SSDeep	96:MHfTLNnTkWBTkFDZ8f4wHlre7MUxprfKmMb0+MW+1Ep9qeelN+sznM+IEp+Lk2:yfyTLillHW+mMhyAspz2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

MICROSOFT SOFTWARE SUPPLEMENTAL LICENSE TERMS MICROSOFT .NET FRAMEWORK 4 FOR MICROSOFT WINDOWS OPERATING SYSTEMMICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE FOR MICROSOFT WINDOWS OPERATING SYSTEMAND ASSOCIATED LANGUAGE PACKS Microsoft Corporation (or based on where you live, one of its affiliates) licenses this supplement to you. If you are licensed to use Microsoft Windows operating system software (for which this supplement is applicable) (the "software"), you may use this supplement. You may not use it if you do not have a license for the software. You may use a copy of this supplement with each validly licensed copy of the software. The following license terms describe additional use terms for this supplement. These terms and the license terms for the software apply to your use of the supplement. If there is a conflict, these supplemental license terms apply. By using this supplement, you accept these terms. If you do not accept them, do not use this supplement.If you comply w ...

Embedded URLs (3)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406&clcid=0x409	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://www.support.microsoft.com/common/international.aspx	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1035\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1035\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.62 KB
MD5	4a43d21d1576e040dc9f5b90162a0401
SHA1	1616fa39d9e4e7b2bb927caded944dd14bd05656
SHA256	f0e2739892a1ce8a6445cec72ff9ad88e939e21c719552e8acd746f92f9fafb7
SSDeep	96:MWBfuMAh8TZhqTy9DbDixX7zR7MrrqX37ILY7TpLgoyk1zERRe5g9KIMpDnYA06m:VfeRzH3vmLQzE6AOAC2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

MICROSOFT-OHJELMISTON TYDENNYSOSAN KYTTOIKEUSSOPIMUKSEN EHDOTMICROSOFT .NET FRAMEWORK 4 MICROSOFT WINDOWS -KYTTJRJESTELMN MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE MICROSOFT WINDOWS -KYTTJRJESTELMN SEK NIIHIN LIITTYVT KIELIPAKETIT Microsoft Corporation (tai asiakkaan asuinpaikan mukaan mrytyv Microsoft Corporationin konserniyhti) mynt asiakkaalle tmn tydennysosan kyttoikeudet.Jos asiakkaalla on Microsoft Windows -kyttjrjestelmohjelmiston ("ohjelmisto") (jota tm tydennysosa tydent) kyttoikeudet, asiakas saa kytt tt tydennysosaa.Asiakas ei saa kytt tydennysosaa, jos asiakkaalla ei ole ohjelmiston kyttoikeutta.Asiakas saa kytt tmn tydennysosan kopiota kaikkien niiden ohjelmistosta tehtyjen kopioiden kanssa, joihin on voimassa olevat kyttoikeudet. Seuraavissa kyttoikeusehdoissa kuvataan tmn tydennysosan liskyttoikeusehtoja.Tydennysosan kyttn sovelletaan nit ehtoja ja ohjelmiston kyttoikeusehtoja.Jos ehdot ovat keskenn ristiriidassa, sovelletaan tydennysosan kyttoikeusehtoja. Kyttmll t ...

\\?\C:\588bce7c90097ed212\1036\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1036\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.44 KB
MD5	e0da85db8b02a89a63601ea6b9ad7ff8
SHA1	5f91c397cf3fbf4475ff71339b2d69c45694130f
SHA256	8880b979a4f8ecdd529241d9ae02583fecd21010ea1e255a1cbcd0c6fb2f75e9
SSDeep	96:MTBfEhmvTf8vTR/DSIem21HDpHD1cT+Tot4er42xzK8/ptMpDLaFNsNGlDPsCU2:IfJw95eJlx1E+Tot4er42xzKuOKPU2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TERMES DE CONTRAT DE LICENCE D'UN SUPPLMENT MICROSOFTMICROSOFT .NET FRAMEWORK~4 POUR LE SYSTME D'EXPLOITATION MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK~4 CLIENT PROFILE POUR LE SYSTME D'EXPLOITATION MICROSOFT WINDOWS ET LES LANGAGE PACKS ASSOCIS Microsoft Corporation (ou, en fonction du lieu o vous vivez, l'un de ses affilis) vous accorde une licence pour ce supplment.Si vous tes titulaire d'une licence d'utilisation du logiciel de systme d'exploitation Microsoft Windows (auquel s'applique le prsent supplment) (le ~logiciel~), vous tes autoris utiliser ce supplment.Vous n''eates pas autoris utiliser ce supplment si vous n''eates pas titulaire d'une licence pour le logiciel.Vous pouvez utiliser une copie de ce supplment avec chaque copie concde sous licence du logiciel. Les termes du contrat de licence suivants dcrivent les conditions d'utilisation supplmentaires pour le supplment.Les prsents termes et les termes du contrat de licence du logiciel s'appliquent l'utilisation du sup ...

\\?\C:\588bce7c90097ed212\1037\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1037\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	6.69 KB
MD5	74c015d4e8024f9a49cf8d183cbdb0f5
SHA1	8428260a9e522a712efc8740af848bd7521deb8e
SHA256	d7718cf8f97f78656aa8964721757ea7e369fc7bbb052777c90e63d07c7cc7c5
SSDeep	96:2Rf64JJR1vTJ3R1vTJZZDg1YGZmF1plypIuw75TYgnMJ9nqIQ2fPMpicPtxScRtZ:0fXRskPWIHxYnJVPOxScl9ZnlfZ4LH2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWSMicrosoft Corporation(,).Microsoft Windows () (""),.....,.,.,.,. 1. f0. Microsoft,www.support.microsoft.com/common/international.aspx . 2. f0MICROSOFT .NET FRAMEWORK ..NET Framework ( .NET )..~.NET ,http://go.microsoft.com/fwlink/?LinkID=66406 .Microsoft ,, - MicrosoftNET . ,http://go.microsoft.com/fwlink/?LinkID=66406 .

Embedded URLs (1)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1038\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1038\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	84.42 KB
MD5	89d4356e0f226e75ca71d48690e8ec15
SHA1	2336caa971527977f47512bc74e88cec3f770c7d
SHA256	fcbb619deb2d57b791a78954b0342dbb2fef7ddd711066a0786c8ef669d2b385
SSDeep	1536:Ji+5JLuNF70SNjPBzuXrXdJHbdi3kC4kL1:Ji+5JLyF70SNjPBzuXrXdJHbdi3kCZZ
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1040\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1040\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.56 KB
MD5	6c9c19bfed724146512493f05cba4f0f
SHA1	de249075aac70d4661ed559fd64de9f33de43db5
SHA256	c405ab9949c10619742af1af153521ffd85c16821324c16233b025f982a98cad
SSDeep	96:rwBfYOP/TfVTJDwXtxjCJEZ+jw/Njppm/F/ZaFgcT/okOct2:yfYXRzMjsA9/EFxDt2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

CONDIZIONI DI LICENZA SOFTWARE MICROSOFT SUPPLEMENTARIMICROSOFT .NET FRAMEWORK 4 PER IL SISTEMA OPERATIVO MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE PER IL SISTEMA OPERATIVO MICROSOFT WINDOWS E RELATIVI LANGUAGE PACKMicrosoft Corporation (o, in base al luogo di residenza del licenziatario, una delle sue consociate) concede in licenza al licenziatario il presente supplemento.Qualora il licenziatario sia autorizzato a utilizzare il software per il sistema operativo Microsoft Windows (per il quale il presente supplemento applicabile) (il "software"), potr usare il presente supplemento.Il licenziatario non potr utilizzarlo qualora non disponga di una licenza per il software.Il licenziatario potr utilizzare una copia del presente supplemento con ciascuna copia del software validamente concessa in licenza. Nelle condizioni di licenza che seguono sono descritte le condizioni di utilizzo aggiuntive relative al presente supplemento.Tali condizioni e le condizioni di licenza ...

Embedded URLs (3)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406(in	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://www.support.microsoft.com/common/international.aspx	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1040\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1040\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	78.18 KB
MD5	eda1ec689d45c7faa97da4171b1b7493
SHA1	807fe12689c232ebd8364f48744c82ca278ea9e6
SHA256	80faa30a7592e8278533d3380dcb212e748c190aaeef62136897e09671059b36
SSDeep	384:4wFACg1fPK/YBZ3tMa9eIzNZNs4fzWmJVo5HnscuRv:/ACgNKjaVLJi2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1041\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1041\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	9.89 KB
MD5	75ce7d721bdb78f1020acf2b206b1859
SHA1	cc0418de8806811d21b19005bc5db0092767f340
SHA256	2abdc7246e95e420b4e66cc3c07acdb56ff390bcd524e0d8525d5bf345030a5a
SSDeep	192:tEf13/qC2+PCsANROmuuU8EhZFJEj2VQoKOwyWAOxzpOh+uqaJgt2:tBtQoCnGDzhuqz2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 CLIENT PROFILELANGUAGE PACK Microsoft Corporation( )Microsoft Windows( ) ( )11. lang1041www.support.microsoft.com/common/international.aspx2. f1 MICROSOFT .NET FRAMEWORK.NET Framework( .NET )1http://go.microsoft.com/fwlink/?LinkID=66406go.microsoft.com/fwlink/?LinkID=66406.NET

Embedded URLs (2)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406go.microsoft.com/fwlink/?LinkID=66406.NET	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1042\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1042\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	12.39 KB
MD5	a3b318528e286ec387e81934e5d3b081
SHA1	cedcc08d008e21c0e88eef8354dab8cff2ef51ad
SHA256	2954edb51628942a37a9bf58da628932638c35ed61744892e42623fe4ccd06a0
SSDeep	192:MUf0PVF4MjeKojIfE6wK+b/mIr4tIAcAIce5rD6O1IuonKZim+dfNAW6qUK84Zn+:aK0wB/Tr4TmckIuCm+TAWdUN/re2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 CLIENT PROFILEMicrosoft Corporation().Microsoft Windows(" ")......... 1. lang1042. Microsoftwww.support.microsoft.com/common/international.aspx. 2. MICROSOFT .NET FRAMEWORK..NET Framework(.NET).. http://go.microsoft.com/fwlink/?LinkID=66406., MicrosoftMicrosofthttp://go.microsoft.com/fwlink/?LinkID=66406.NET.

Embedded URLs (3)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406.	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406.NET.	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406&clcid=0x409	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1043\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1043\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.46 KB
MD5	305ae79ec7d0e8d1f826d70d7d469bb4
SHA1	bbe8ffd83fca6c013a20cdee6ea0affd988c4815
SHA256	69537aef05edfb55ec32897b3dd59724a825fddeccd92bdd5e8840cb92b1b383
SSDeep	96:rTBfrnjTsVT08DfQhtJlIcm3wEM8LPMpDlGu3x+O0H+Ozo+SBT+OZt6S2:ZfLltGwEMAPOkukO0eONNOT2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

AANVULLENDE LICENTIEVOORWAARDEN VOOR MICROSOFT-SOFTWAREMICROSOFT .NET FRAMEWORK 4 VOOR HET BESTURINGSSYSTEEM MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE VOOR HET BESTURINGSSYSTEEM MICROSOFT WINDOWS EN GERELATEERDE TAALPAKKETTEN Microsoft Corporation (of, afhankelijk uw locatie, een van haar gelieerde ondernemingen) geeft dit supplement aan u in licentie.Als u een licentie hebt voor het gebruik van Microsoft Windows-besturingssysteemsoftware (waarop dit supplement van toepassing is) (de 'software'), mag u dit supplement gebruiken.U mag dit supplement niet gebruiken als u niet over een licentie voor de software beschikt.U mag een exemplaar van dit supplement gebruiken bij elk geldig in licentie gegeven exemplaar van de software. De volgende licentievoorwaarden beschrijven aanvullende gebruiksvoorwaarden voor deze aanvulling.Deze voorwaarden zijn samen met de licentievoorwaarden voor de software van toepassing op uw gebruik van dit supplement.Als deze voorwaarden tegen ...

\\?\C:\588bce7c90097ed212\1044\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1044\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	2.97 KB
MD5	830ebced0f03f267eee7a5167c4e91a4
SHA1	740075166941e5623ecb488b0390f25a84feec77
SHA256	2d0b46674bb383a56e6061d25f0d446c8b50c83c92269a3fccb657429e9ef4be
SSDeep	48:rPN3nffnyzInT7BjTgLDRn0l392N4S2ZOMb5XgNRc9q5QB34pg5lqM9TX/ufMpDn:rPBffyUnT7BjTADRn0lN2N4S2wG5wNRq
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TILLEGGSLISENSVILKR FOR MICROSOFT-PROGRAMVAREMICROSOFT .NET FRAMEWORK 4 FOR MICROSOFT WINDOWS-OPERATIVSYSTEM MICROSOFT .NET FRAMEWORK 4-KLIENTPROFIL FOR MICROSOFT WINDOWS-OPERATIVSYSTEM OG TILKNYTTEDE SPRKPAKKER Microsoft Corporation (eller, avhengig av hvor du bor, et av dets tilknyttede selskaper) lisensierer dette tillegget til deg.Hvis du er lisensiert til bruke Microsoft Windows-operativsystemprogramvare (som dette tillegget gjelder for) ("programvaren"), har du rett til bruke dette tillegget.Du har ikke tillatelse til bruke det hvis du ikke har lisens for programvaren.Du kan bruke et eksemplar av dette tillegget sammen med hvert enkelt gyldig lisensierte eksemplar av programvaren. Flgende lisensvilkr beskriver ekstra brukervilkr for dette tillegget.Disse vilkrene og lisensvilkrene for programvaren gjelder din bruk av dette tillegget.Ved en eventuell konflikt er det disse tilleggsvilkrene som gjelder. Ved ta i bruk dette tillegget godtar du disse vilkrene.Hvis du ikke godt ...

\\?\C:\588bce7c90097ed212\1044\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1044\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	77.44 KB
MD5	120104fa24709c2a9d8efc84ff0786cd
SHA1	b513fa545efae045864d8527a5ec6b6cebe31bb9
SHA256	516525636b91c16a70aef8d6f6b424dc1ee7f747b8508b396ee88131b2bb0947
SSDeep	384:4wn2IhI4z6T1sHCqeHveRWUw+KbGpK+9C/E6b2NJBf2OEuv:V9hI4z6T1siqeHveRhAo9CM6b2NJBuOD
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1045\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1045\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.95 KB
MD5	bb93b108d4be954133380f7709e7ba1e
SHA1	34376037b3c5879142796a2f524e5b3ea6097ed1
SHA256	4f2d6a8979c89592877555fe8f576d5f631132452afe86114d35e9531a1ca948
SSDeep	96:rTBfQaJRTIRTjzH+oDgQUoIs89FcG5ywI5Et/+TMm9MpDcA/+MvsNcUOsG9jeLdp:Zfo+Bs18ncG5Y5Et/+Z9OwAjs7OtRwdp
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

UZUPENIAJCE POSTANOWIENIA LICENCYJNE DOTYCZCE OPROGRAMOWANIA MICROSOFTMICROSOFT .NET FRAMEWORK 4 DLA SYSTEMU OPERACYJNEGO MICROSOFT WINDOWS PROFIL KLIENTA PROGRAMU MICROSOFT .NET FRAMEWORK 4 DLA SYSTEMU OPERACYJNEGO MICROSOFT WINDOWS I POWIZANYCH PAKIETW JZYKOWYCH Microsoft Corporation (lub, w~zalenoci od miejsca zamieszkania Licencjobiorcy, jeden z~podmiotw stowarzyszonych Microsoft Corporation) udziela Licencjobiorcy licencji na to uzupenienie.Licencjobiorca moe z~niego korzysta, pod warunkiem e uzyska licencj na system operacyjny Microsoft Windows (oprogramowanie").Licencjobiorca nie moe korzysta z~uzupenienia, jeli nie posiada licencji na to oprogramowanie.Licencjobiorca moe uywa kopii tego uzupenienia z~kad kopi oprogramowania, na ktr uzyska wan licencj. Poniej przedstawiono dodatkowe postanowienia licencyjne dotyczce uywania tego uzupenienia.Korzystanie z~uzupenienia podlega niniejszym uzupeniajcym postanowieniom licencyjnym oraz postanowieniom licencyjnym dotyczcym oprogram ...

\\?\C:\588bce7c90097ed212\1046\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1046\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.60 KB
MD5	e43708161843a33d34d6fdf966d36397
SHA1	2e5c0450cebd9a737a90908eeddaae2d0b3e2940
SHA256	0af1f04f416712387bf87c93fa846b4e8eb0ac25e284a2a3578c58e2724e2778
SSDeep	96:rTBfAlMu9fTp/9fTdIDsGJ1KlhREerHr7uStmESWp55ztFuMpDl/BRwZ+qf+J4Ed:ZfeuqhGeHVIErn1zuO9BC8q2WEHt+B2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TERMOS DE LICENA COMPLEMENTARES PARA SOFTWARE DA MICROSOFTMICROSOFT .NET FRAMEWORK 4 PARA SISTEMA OPERACIONAL MICROSOFT WINDOWSPERFIL DO CLIENTE DO MICROSOFT .NET FRAMEWORK 4 PARA SISTEMA OPERACIONAL MICROSOFT WINDOWS parE PACOTES DE IDIOMAS ASSOCIADOS A Microsoft Corporation (ou, dependendo do local em que voc esteja domiciliado, uma de suas afiliadas) fornece a voc a licena deste suplemento.Se voc possui a licena de uso do software do sistema operacional Microsoft Windows (ao qual este suplemento se aplica) (o "software"), pode usar este suplemento.Voc no poder us-lo se no possuir a licena para o software.Voc poder usar uma cpia deste suplemento com cada cpia licenciada vlida do software. Os termos de licena a seguir descrevem termos adicionais de uso deste suplemento.Estes termos e os termos da licena do software se aplicam ao uso do suplemento.Em caso de conflito, aplicar-se-o os termos de licena deste suplemento. O uso deste suplemento representa sua aceitao destes termos.Se vo ...

\\?\C:\588bce7c90097ed212\1046\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1046\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	78.85 KB
MD5	a03d2063d388fc7a1b4c36d85efa5a1a
SHA1	88bd5e2ff285ee421ccc523f7582e05a8c3323f8
SHA256	61d8339e89a9e48f8ae2d929900582bb8373f08d553ec72d5e38a0840b47c8a3
SSDeep	384:4wl7DAQput9emRem6cvMOem6QemIAY/YEQTeQoqk7EHd9nKxXq5fKsLaG5m73Rdv:geOeqeCe1CkyJtG07g
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1049\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1049\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	53.18 KB
MD5	2277852a45da18b12beec5fb6f08cdc9
SHA1	e564862d098bd111430c4208eaa1add5cd52a601
SHA256	59ad806664e3ce4a024452985c4602d5610126a16fc36ade018a9756accc92cc
SSDeep	768:3CR6rdlWFJv3zGz9tWQ2ni8UNo/8PZrS14Z:3CcrMeDZ
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Creator	karenor
Revision	2
Create Time	2010-03-05 10:46:00+00:00
Modify Time	2010-03-05 10:46:00+00:00

Document Information

»

App Version	32771
Company	Microsoft
Page Count	1
Word Count	291
Character Count	2340
Chars With Spaces	2626
operator	karenor

Document Content

»

MICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 CLIENT PROFILEMICROSOFT WINDOWS(LANGUAGEPACKS)Microsoft ( ,,).,,(),Microsoft Windows.,....,.,.,.,.1..Microsoft,www.support.microsoft.com/common/international.aspx.2.MICROSOFT .NET FRAMEWORK..NET Framework (.NET)..~,,- go.microsoft.com/fwlink/?LinkID=66406.Microsoft,Microsoft,.NET,,- g o.microsoft.com/fwlink/?LinkID=66406.

\\?\C:\588bce7c90097ed212\1053\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1053\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.77 KB
MD5	e2f73097fc60f5347bad1c1e93b2941b
SHA1	8564447af45b488ac713d898405b759365662598
SHA256	72860227092c38ae5e00e24c75e9b263e77bd2032ee597aabe408b9176448097
SSDeep	96:rTBfv+/9TfHTGDXtZEOuAs50Y1EIF19VWMpDHvuKMLDBD+d54+QFEp5Tf+8K+l1S:5ffduAs591EIb9gOpqDoDZQmx2W2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TILLGGSLICENSVILLKOR FR PROGRAMVARA FRN MICROSOFTMICROSOFT .NET FRAMEWORK 4 FR OPERATIVSYSTEMET MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE FR OPERATIVSYSTEMET MICROSOFT WINDOWS OCH ASSOCIERADE SPRKPAKET Microsoft Corporation (eller beroende p var du bor, ett av dess koncernbolag) licensierar detta tillgg till dig.Om du innehar licens fr programvara fr operativsystemet Microsoft Windows (som detta tillgg gller fr) ("programvaran") har du rtt att anvnda detta tillgg.Du fr inte anvnda tillgget om du inte har ngon licens fr programvaran. Du har rtt att anvnda ett exemplar av detta tillgg med varje giltigt licensierat exemplar av programvaran. Fljande licensvillkor beskriver ytterligare anvndningsvillkor fr detta tillgg.De hr villkoren och licensvillkoren fr programvaran gller fr din anvndning av tillgget.Om de str i konflikt med varandra gller dessa tillggslicensvillkor. Genom att anvnda detta tillgg accepterar du dessa villkor.Om du inte accepterar dem ska du inte anv ...

Embedded URLs (2)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406&clcid=0x409	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1055\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1055\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.77 KB
MD5	d71a0d5b6cb13901cd35c036d395be59
SHA1	b0f83cf648c2e84119a32afd2e0ef409bb2047ce
SHA256	a8850f6dbf56b6c55d255e81b15a3d17196eee89ffbe41cdfca19205628c1a7b
SSDeep	96:VSfjQOTqfRRTqfSD+vmScfQEz04jMpDLiIzhZLlZhD2:wfcFpcfEo4jOT2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

MICROSOFT YAZILIM EK LSANS KOULLARIMICROSOFT WINDOWS LETM SSTEMLER N MICROSOFT .NET FRAMEWORK 4 MICROSOFT WINDOWS LETM SSTEMLER N MICROSOFT .NET FRAMEWORK 4 STEMC PROFL VE LKL DL PAKETLER Microsoft Corporation (veya yaadnz yere gre bir bal irketi) bu ekin lisansn size vermektedir.Bu ekin geerli olduu Microsoft Windows iletim sistemi yazlmn ("yazlm") kullanma lisansnz varsa bu eki kullanabilirsiniz.Yazlm iin lisansnz yoksa bu eki kullanamazsnz.Bu ekin bir kopyasn yazlmn geerli lisans olan her kopyasyla kullanabilirsiniz. Aadaki lisans koullar, bu ek ile ilgili ek kullanm koullarn aklamaktadr.Eki kullanmnz, bu koullara ve yazlmn lisans koullarna tabidir.Bir ihtilaf olmas durumunda, bu ek lisans koullar geerlidir.Bu eki kullanmanz bu koullar kabul ettiiniz anlamna geli r.Bu koullar kabul etmiyorsanz, bu eki kullanmayn.Bu lisans koullarna uyduunuz takdirde aadaki haklara sahip olursunuz. 1. lang1055 EK N DESTEK HZMETLER.Microso ft, bu yazlm iin www.support.microsoft.com/common/interna ...

\\?\C:\588bce7c90097ed212\2052\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\2052\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	5.69 KB
MD5	4288c2541843f75c348d825fc8b94153
SHA1	e0dd8ed7bdb3c941a589361ee764f49a3619c264
SHA256	c30a7597aa67e2847940e2c24f09b35c07b1ec759adbca7c8261141fc1ecca92
SSDeep	96:M5DBmf0jLTCLLgLTCLLmDjxrDT2k9rkKp7aDKaXzaWZMa/O9wzy6n/MpDTKTGptk:EmfJXoQkRGDtXeWZv/O9XmOdZzQJWBBi
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 CLIENT PROFILEMicrosoft Corporation Microsoft CorporationMicrosoft Windows "lang2052"lang20521. lang2052 Microsoftwww.support.microsoft.com/common/international.aspx2. f0 MICROSOFT .NET FRAMEWORK.NET Framework ".NET "f1 go.microsoft.com/fwlink/?LinkID=66406Microsoft Microsoft.NETgo.microsoft.com/fwlink/?LinkID=66406

\\?\C:\588bce7c90097ed212\2070\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\2070\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.92 KB
MD5	4518be9a9bca5be1d8ac926a4b2c087d
SHA1	d089427d93ea726380e89ecf00127bd51a4dcfc1
SHA256	d838acf5ed559c58f623f73af4902a13848502778eea7af585ac2e801d7c8c45
SSDeep	96:r4IffB09DkTLGTHD28ygHx0LlHKe1rvGA9mE0Eyh+iH/OMpiKwIurpEpiT0T8x8w:VfB8ygHclqe1ruAYEBm+imOvurerV2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TERMOS DE LICENCIAMENTO SUPLEMENTARES PARA SOFTWARE MICROSOFTMICROSOFT .NET FRAMEWORK 4 PARA O SISTEMA OPERATIVO MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE PARA O SISTEMA OPERATIVO MICROSOFT WINDOWS E PACOTES DE IDIOMAS ASSOCIADOS A Microsoft Corporation (ou, dependendo do pas em que reside, uma das respectivas empresas afiliadas) licencia este suplemento para o Adquirente.Se o Adquirente estiver licenciado para utilizar software do sistema operativo Microsoft Windows (ao qual este suplemento se aplica)) (o "software"), poder utilizar este suplemento.O Adquirente no poder utiliz-lo se no tiver uma licena para o software.Poder utilizar uma cpia deste suplemento com cada cpia do software licenciada de modo vlido. Os seguintes termos de licena descrevem termos adicionais de utilizao deste suplemento.Estes termos e os termos de licenciamento para o software aplicam-se utilizao deste suplemento por parte do Adquirente.Caso se verifique um conflito, aplicam-se estes term ...

Embedded URLs (2)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406&clcid=0x409	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\3076\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\1028\eula.rtf.bbawasted (Dropped File) \\?\C:\588bce7c90097ed212\1028\eula.rtf (Dropped File) \\?\C:\588bce7c90097ed212\3076\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	6.16 KB
MD5	6f2f198b6d2f11c0cbce4541900bf75c
SHA1	75ec16813d55aaf41d4d6e3c8d4948e548996d96
SHA256	d7d3cfbe65fe62dfa343827811a8071ec54f68d72695c82bec9d9037d4b4d27a
SSDeep	96:/R8NRf8TTVKTu4LuTu4LrzZD41raZM4HbegdxqKZJQ1/FSMZJujgzc/MpD1JzIf2:/R4Rfm2NBZMjOfro2n6CA2
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content

»

MICROSOFTMICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4 MICROSOFT WINDOWSMICROSOFT .NET FRAMEWORK 4Microsoft( )Microsoft Windows( ) ( )1. lang1028 Microsoftwww.support.microsoft.com/common/international.aspx2. f0 MICROSOFT .NET FRAMEWORK.NET Framework(.NET )http://go.microsoft.com/fwlink/?LinkID=66406Microsofthttp://go.microsoft.com/fwlink/?LinkID=66406Microsoft.NET

Embedded URLs (2)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406Microsofthttp://go.microsoft.com/fwlink/?LinkID=66406Microsoft.NET	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\3082\LocalizedData.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\3082\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	78.12 KB
MD5	2d54fe70376db0218e8970b28c1c4518
SHA1	83ee9ac93142751f23d5bb858f7264e27ea2eab0
SHA256	d17c5b638e2a4d43212d21a2052548c8d4909eb6410e30b8a951a292bcdbbedd
SSDeep	1536:Xo/yYrDKRqvf+ffl0VMf/mfL94T+7j2JoiZq:Xo/yYrDKRqvf+feVMf/mfL94T+7j2Jrq
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\3082\eula.rtf.bbawasted

Dropped File

RTF

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\3082\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.00 KB
MD5	d40c65f632063e5cdfef104e324d0ad4
SHA1	49faba625badf413763bd913edb62510d3790e98
SHA256	aad96e7f4037e977997c630dec015ecf09cf73c1f5b73f84944e60b309eaab66
SSDeep	48:MTN3nfZQZXRFOTfyTZQDeK9xxMFcJ55HsUXHNX/RgMzsrMpDgLmqIy3W0b8EwKg3:MTBfZQZhoTfyTZQDeQxpDHsOH1ZvoMp9
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

Office Information

»

Document Content Snippet

»

TRMINOS DE LICENCIA COMPLEMENTARIOS DEL SOFTWARE DE MICROSOFTMICROSOFT .NET FRAMEWORK 4 PARA EL SISTEMA OPERATIVO MICROSOFT WINDOWS MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE PARA EL SISTEMA OPERATIVO MICROSOFT WINDOWS Y PAQUETES DE IDIOMA ASSOCIADOS Microsoft Corporation (o, en funcin del lugar en el que resida, una de sus filiales) le concede la licencia para este complemento. Si obtiene la licencia para utilizar el sistema operativo Microsoft Windows (al que se aplica este suplemento), en adelante el "software", podr usar este suplemento. No puede usarlo si no dispone de licencia para el software. Puede utilizar una copia de este complemento con cada copia licenciada vlida del software. Los siguientes trminos de licencia describen los trminos de uso adicionales para este complemento. Dichos trminos y los trminos de licencia para el software se aplicarn al uso que haga del complemento. En caso de conflicto, prevalecern los presentes trminos de licencia complementarios. El uso del ...

\\?\C:\588bce7c90097ed212\Client\UiInfo.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Client\UiInfo.xml (Dropped File)
Mime Type	text/xml
File Size	38.13 KB
MD5	d7a2e90dd9df6f93fd4b7354f8ec2b0d
SHA1	a792c41b62796513e312f19dee91447b9280b23b
SHA256	1d1590eb48e66646ed7917a76302862ac87e6651c841a808cf3fe797b9e697f6
SSDeep	768:24URyd5vssgP7ZgZ/vSguJQvFQXvDINJh6F8hZkV1GO0N0phUl9eu+dODOOODOtK:24URyd5vsTPuZXQYQLIN/6F8hZkV1GOv
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\DHtmlHeader.html.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\DHtmlHeader.html (Dropped File)
Mime Type	text/html
File Size	15.74 KB
MD5	cd131d41791a543cc6f6ed1ea5bd257c
SHA1	f42a2708a0b42a13530d26515274d1fcdbfe8490
SHA256	e139af8858fe90127095ac1c4685bcd849437ef0df7c416033554703f5d864bb
SSDeep	192:7Ddx3KOTczFQ21Kp4n5DTx1iDecPeLHLHQFJFjZWblWUxFzJzcKHjT:fdsOT01KcBUFJFEWUxFzvHH
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\DisplayIcon.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\DisplayIcon.ico (Dropped File)
Mime Type	image/x-icon
File Size	86.46 KB
MD5	f9657d290048e169ffabbbb9c7412be0
SHA1	e45531d559c38825fbde6f25a82a638184130754
SHA256	b74ad253b9b8f9fcade725336509143828ee739cc2b24782be3ecff26f229160
SSDeep	1536:xWayqxMQP8ZOs0JOG58d8vo2zYOvvHAj/4/aXj/Nhhg73BVp5vEdb:e/gB4H8vo2no0/aX7C7Dct
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Extended\UiInfo.xml.bbawasted

Dropped File

Text

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Extended\UiInfo.xml (Dropped File)
Mime Type	text/xml
File Size	38.13 KB
MD5	ec417b1688ca10739c0737b72bf07431
SHA1	a1cf21fd2183c1c4e308fb3c6600d5855bdb3e51
SHA256	0452a6720e55b9d4e61225bb66016513dde15ce9cc1fb305fc0037d008476787
SSDeep	768:24URsd5vssgP7ZgZ/vSguJQvFQXvDINJh6Fuh3kr1UO0NWpPUb9cu+dOtOcOdOjQ:24URsd5vsTPuZXQYQLIN/6Fuh3kr1UOB
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Graphics\Rotate1.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate1.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	26a00597735c5f504cf8b3e7e9a7a4c1
SHA1	d913cb26128d5ca1e1ac3dab782de363c9b89934
SHA256	37026c4ea2182d7908b3cf0cef8a6f72bddca5f1cfbc702f35b569ad689cf0af
SSDeep	6:kRKqNllGuv/ll2dL/rK//dlQt0tlWMlMN8Fq/wbD4tNZDlNc367YCm6p+Wvtjlpr:pIGOmDAQt8n+uNbctNZ5w6AsXjKHRp5c
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Graphics\Rotate4.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate4.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	bb55b5086a9da3097fb216c065d15709
SHA1	1206c708bd08231961f17da3d604a8956addccfe
SHA256	8d82ff7970c9a67da8134686560fe3a6c986a160ced9d1cc1392f2ba75c698ab
SSDeep	6:kRK///FleTxml+SzNaoT9Q0/lHOmMdrYln8OUo/XRWl2XOXFBYpqnHp/p5c:p///FPwxUrMunUofRReFNHRp5c
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Graphics\Rotate7.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate7.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	fb4dfebe83f554faf1a5cec033a804d9
SHA1	6c9e509a5d1d1b8d495bbc8f57387e1e7e193333
SHA256	4f46a9896de23a92d2b5f963bcfb3237c3e85da05b8f7660641b3d1d5afaae6f
SSDeep	6:kRKIekllisUriJ2IP+eX8iDml8mS8+hlxllwqlllkg2klHYdpqnHp/p5c:p8os0iieX8iNVHX//x2sHYdoHRp5c
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Graphics\Rotate8.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate8.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	d1c53003264dce4effaf462c807e2d96
SHA1	92562ad5876a5d0cb35e2d6736b635cb5f5a91d9
SHA256	5fb03593071a99c7b3803fe8424520b8b548b031d02f2a86e8f5412ac519723c
SSDeep	12:pPv1OuTerb53mpOBfXjQuZfKWpIXE1D6HRp5c:91OEerb53eUQsflpIP4
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\Graphics\Setup.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Setup.ico (Dropped File)
Mime Type	image/x-icon
File Size	35.85 KB
MD5	3d25d679e0ff0b8c94273dcd8b07049d
SHA1	a517fc5e96bc68a02a44093673ee7e076ad57308
SHA256	288e9ad8f0201e45bc187839f15aca79d6b9f76a7d3c9274c80f5d4a4c219c0f
SSDeep	384:IXcWz9GU46B4riEzg8CKcqxkk63gBh6wSphnBcI/ObMFp2rOebgcjTQcho:IMWQ2Bf8qqxMQP8pc4XessTJo
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000002.regtrans-ms.bbawasted

Dropped File

Stream

Whitelisted

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000002.regtrans-ms.bbawasted (Dropped File) \\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000002.regtrans-ms (Dropped File) \\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000002.regtrans-ms (Dropped File)
Mime Type	application/octet-stream
File Size	512.00 KB
MD5	59071590099d21dd439896592338bf95
SHA1	6a521e1d2a632c26e53b83d2cc4b0edecfc1e68c
SHA256	07854d2fef297a06ba81685e660c332de36d5d18d546927d30daad6d7fda1541
SSDeep	3::
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\Users\FD1HVy\Documents\My Shapes\_private\folder.ico.bbawasted

Dropped File

Image

Whitelisted

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\My Shapes\_private\folder.ico (Dropped File)
Mime Type	image/x-icon
File Size	29.22 KB
MD5	5130ee1b914d382af41ff3a35eb151b8
SHA1	81ad3e1731197926cc36fa9d12a1b224b6b82f5c
SHA256	baaf97e8e0606daecc8c3271b73b91b1d8b1f2e521ae677480b0a3f87173eb39
SSDeep	384:K2q8VNb8qSR2uWze4k8gOSuDJ8YhU724I7LT1KwQ:KdzR2uWzrkJOSuDSYh8bWLT1KwQ
ImpHash	-

File Reputation Information

»

Severity	Whitelisted

\\?\C:\588bce7c90097ed212\1025\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

»

Mime Type	-
File Size	1.92 KB
MD5	1cc68347b3d4fdda2c2de3bd92dfa68c
SHA1	769a787876e6dbfe088f78cda4737f35e3447d05
SHA256	cd25e2cef15b591b983af86d6d6fa3898fd3eb5ba59ed623bfb39cce8425d983
SSDeep	48:rdp4H+Zaq6EAxY2RSoLVkDV3dbftMtQB62Was1:rT4H9q6TN0oBkp3Zk2Kr1
ImpHash	-

\\?\C:\588bce7c90097ed212\1028\eula.rtf.bbawasted_info

Dropped File

Unknown

»

Mime Type	-
File Size	1.92 KB
MD5	08b12f3ca4697a434bd81887a3b7e7b6
SHA1	ce501dc39c17b4ba8763672384de89527449bad2
SHA256	0afa77ce5a3cb9950365494d5f1fc67122ca979be3a556774daca825894e5cfa
SSDeep	48:rdp4ria3HKo1bE7Qf93k9mfAH4C94KqPGgxJvaX0Pk1:rT4d3BxE7Y3EmK4C94Kq3fvqck1
ImpHash	-

\\?\C:\588bce7c90097ed212\1030\eula.rtf.bbawasted

Dropped File

RTF

Unknown

»

Also Known As	\\?\C:\588bce7c90097ed212\1030\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.24 KB
MD5	b756c9b475e1e5955d8bf1544df556f7
SHA1	03acd306196d5c0cdfbeb947ce3e018c08fd08cb
SHA256	204021cc428c70f76de750c0b01404e3396ee8602c8f25f44635f6f2bdbf693a
SSDeep	96:MTBfIGPzxT1B9TwDXOC1uJzGTcDC5bhPqljShnEGiBe4YOMpDIbu0L9D+Ogp+Ogj:If/Jqn1uJzGTcDC5bhSljShnEGioDOOa
ImpHash	-

Office Information

»

Document Content Snippet

»

TILLG TIL LICENSVILKR FOR MICROSOFT-SOFTWAREMICROSOFT .NET FRAMEWORK 4 TIL MICROSOFT WINDOWS-OPERATIVSYSTEM MICROSOFT .NET FRAMEWORK 4-KLIENTPROFIL TIL MICROSOFT WINDOWS-OPERATIVSYSTEM OG TILKNYTTEDE SPROGPAKKER Microsoft Corporation (eller, afhngigt af hvor De bor, et af dets associerede selskaber) licenserer dette tillg til Dem.Hvis De har licens til at bruge Microsoft Windows-operativsystemsoftware (som dette tillg glder for) ("softwaren"), m De anvende dette tillg.De m ikke bruge dette tillg, hvis De ikke har licens til softwaren.De m bruge en kopi af dette tillg sammen med hver gyldigt licenseret kopi af softwaren. De flgende licensvilkr beskriver yderligere vilkr for dette tillg.Disse vilkr og licensvilkrene for softwaren glder for brug af dette tillg.Hvis der er konflikt mellem disse, er det licensvilkrene til tillgget, der er gldende. Ved at tage tillgget i brug accepterer De disse vilkr.Sfremt De ikke kan acceptere vilkrene, har De ikke ret til at bruge tillgget.Hvis De ov ...

\\?\C:\588bce7c90097ed212\1031\eula.rtf.bbawasted

Dropped File

RTF

Unknown

»

Also Known As	\\?\C:\588bce7c90097ed212\1031\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	3.34 KB
MD5	94190970fb79c7085de2e97ae4630b07
SHA1	272677f49985098ca0477d6a8c1e70e4bddb646c
SHA256	a448fe5954ec68b7c395da387545c1664c3f4baade021e6157ec142997d93ca2
SSDeep	96:MWBfVBITvyTqDyiRc3E5Zob0MpDmqgH4KYXsY/49Uo2:VffWX5Zm0O3Q32
ImpHash	-

Office Information

»

Document Content Snippet

»

ERGNZENDE LIZENZBESTIMMUNGEN FR MICROSOFT-SOFTWAREMICROSOFT .NET FRAMEWORK 4 FR MICROSOFT WINDOWS-BETRIEBSSYSTEM MICROSOFT .NET FRAMEWORK 4 CLIENT PROFILE FR MICROSOFT WINDOWS-BETRIEBSSYSTEM UND ZUGEHRIGE LANGUAGE PACKS Microsoft Corporation (oder eine andere Microsoft-Konzerngesellschaft, wenn diese an dem Ort, an dem Sie leben, die Software lizenziert) lizenziert diese Softwareergnzung an Sie. Wenn Sie ber eine Lizenz fr Microsoft Windows-Betriebssystem-Software verfgen (fr die diese Softwareergnzung gilt) (die Software"), knnen Sie diese Softwareergnzung verwenden. Sie sind nicht berechtigt, sie zu verwenden, wenn Sie keine Lizenz fr die Software haben. Sie sind berechtigt, eine Kopie dieser Softwareergnzung mit jeder ordnungsgem lizenzierten Kopie der Software zu verwenden. In den folgenden Lizenzbestimmungen werden zustzliche Nutzungsbestimmungen fr diese Softwareergnzung beschrieben. Diese Bestimmungen und die Lizenzbestimmungen fr die Software gelten fr Ihre Verwendung der So ...

\\?\C:\588bce7c90097ed212\1032\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

»

Mime Type	-
File Size	1.92 KB
MD5	7deb1cd834ff55667513d0f7e8da8430
SHA1	8ea63cc9a20942dc8f17e8c45e00af8cd68ef360
SHA256	6b2fd9254d980504b94bde69ca800c88cf1ba594d4ac9e99d2930d9ca99e5177
SSDeep	24:QG/zkQ40TUauNN2X01mVwxD/1dmVDFOQO6qO56zevmczYOtf0rsCFi3JGRdNeACg:rdp4+wxT1dCOQyzevm6f00Ghae1
ImpHash	-

\\?\C:\588bce7c90097ed212\1036\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	213b1e6692d3ec3777032cb85e06d15c
SHA1	796617f3549ce9200bf24962a443307c0d8bcffa
SHA256	830f9b923ce726f8cc7058f15b994c26d387e9db72cb75217e02eeac0d15cd2e
SSDeep	48:rdp4KrkU/gBfB6cE5fNKm6XKvIMtIo/Kv1:rT4KrkU/HcGY1MtIA61
ImpHash	-

\\?\C:\588bce7c90097ed212\1038\eula.rtf.bbawasted

Dropped File

RTF

Unknown

»

Also Known As	\\?\C:\588bce7c90097ed212\1038\eula.rtf (Dropped File)
Mime Type	text/rtf
File Size	4.15 KB
MD5	58e6e6d6258994d6a08c6101f11f302d
SHA1	df2db9da70204cbb539d17df860a6c45613ef086
SHA256	70546babd12afaf9ffcc437712df5491ddf9a6af8ab4f319fc0ea23afb186726
SSDeep	96:k8BfeEfTtXeTjXyZD+dtQRzrGJ6JwtxYMpDNeb6CZXKEp5/Eupwy9Ep+LM2:kgffCXPdOzSJ6JwkOBjC0V2
ImpHash	-

Office Information

»

Document Content Snippet

»

KIEGSZT LICENCFELTTELEK MICROSOFT SZOFTVERHEZMICROSOFT .NET-KERETRENDSZER 4 MICROSOFT WINDOWS OPERCIS RENDSZERHEZ MICROSOFT .NET-KERETRENDSZER 4 GYFLPROFIL MICROSOFT WINDOWS OPERCIS RENDSZERHEZ S A KAPCSOLD NYELVI CSOMAGOK Ezen kiegszts licenct a Microsoft Corporation (vagy az n lakhelye alapjn egy trsvllalata) nyjtja nnek. n akkor hasznlhatja ezt a kiegsztst, ha rendelkezik licenccel a (jelen kiegsztssel hasznlhat) Microsoft szoftver (a tovbbiakban szoftver") hasznlathoz.Amennyiben nem rendelkezik rvnyes licenccel a szoftverhez, gy nem hasznlhatja a kiegsztst. n a szoftver minden rvnyes licenccel elltott pldnyval hasznlhatja a kiegszts egy pldnyt. A kvetkez licencfelttelek tovbbi hasznlati feltteleket hatroznak meg a kiegsztshez.A kiegszts hasznlatra a szoftverre vonatkoz licencfelttelek s ezek a felttelek rvnyesek.Egymsnak ellentmond felttelek esetn ezen kiegszt licencfelttelek alkalmazandk. A kiegszts hasznlatval n elfogadja a jelen feltteleket.Amennyiben nem fogadja el a felt ...

Embedded URLs (2)

»

URL	First Seen	Categories	Threat Names	Reputation Status	WHOIS Data	Actions
http://go.microsoft.com/fwlink/?LinkID=66406&clcid=0x409	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL
http://go.microsoft.com/fwlink/?LinkID=66406webhelyen	-	-	-	Unknown	Not Queried	... Actions Show URL Submit URL

\\?\C:\588bce7c90097ed212\1038\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	05c7a45e9dec18bd0e0934a20f9f1df8
SHA1	146f7e9415b7f649bfc444be4b181904e01c679a
SHA256	809bbe75fe0c05c19877f574bff91c4060f14825c60d7d1f6e10d1f740f3364e
SSDeep	48:rdp4y3MfwuIgBwEXrphwdoSj2zdF22gRAfF9D1:rT4yHgGEbIWSGdF22sCFx1
ImpHash	-

\\?\C:\588bce7c90097ed212\1040\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	0ca99b46b0d23236a88f0532e9547f66
SHA1	01a2764170e27843f455286a4a5203c0f43cb108
SHA256	2af18432ebe76b00c1e413b60164b33da139a0cb58f5dc325c9bcae90d4985b5
SSDeep	24:QG/zkQ40TUauNN2X01UJWMPUmOBsvK3AvEubplwK+k4uJkhVrVEOcTpNR0VcEdl1:rdp4g6m7vK+x+LusrVEOupNR0SNfih91
ImpHash	-

\\?\C:\588bce7c90097ed212\1041\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ae10cecaeb62f25cdbeba02e9df9e002
SHA1	e8bd46bbbcb46c8395a7078756d6d3e10c9cbe5a
SHA256	38172ace7a951bf701eef2c1f70790fc2015fa6df2b08f2819c40f541a2e4fd8
SSDeep	48:rdp4CtKUcf7ZeUypnw7e3smU2/wbdyPUltdKWDL1:rT4Ct5cf7sUya7e8mLw5Z4aL1
ImpHash	-

\\?\C:\588bce7c90097ed212\1041\LocalizedData.xml.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a8b7fd1d4a502f0d3baf8a1401328298
SHA1	1254250d9ad983a5c52fa79297738dcdbaebd7b8
SHA256	90bcd45fbd7f3c0c4fbe621f29ca8b782934ee9af2d9b01867ad58dd6fd85075
SSDeep	48:rdp467wkLm//B90oqFoc2Kvp32ZyZHjwQvIKb6CearnHT3hZx1:rT4bka4oWoc9hmZy+Qv3LdrH751
ImpHash	-

\\?\C:\588bce7c90097ed212\1043\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	0adaa749eb10e106225843be4e21af13
SHA1	5b2b2b8b17df5298baf80b190b5929a449887583
SHA256	8807b165c338fcbc11f0ce9824cf5dcbdbb3f1ef1bee45b8a53c9e38482ef34b
SSDeep	48:rdp4gDk61Tb6pQXX5i/KZN/G3ZkEryvsM5sn1AAgejm4QWY1:rT4gDZlYQXY/sRvDs1Vgea4QWY1
ImpHash	-

\\?\C:\588bce7c90097ed212\1042\LocalizedData.xml.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	925709f6d6af3b61e834b1fb6f66a3d7
SHA1	ecc9b95b76715dccb4ed55c469cec2f781c05d4b
SHA256	e626cc5d22a2d7a518f88d5e77d232836cc46d2871c63081d6c747e7cd55705a
SSDeep	24:QG/zkQ40TUauNN2X01YRbIQhZa5eEyaXbD+/Oohh5s9uXshklPmY1qbvcQzJlKnE:rdp4oIAa5eEyauOoZsyZl+PvbnKny1
ImpHash	-

\\?\C:\588bce7c90097ed212\2070\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	47827c9efe1192da0e8e526d0d910951
SHA1	11ecf0d9acc4bbb457f1f1cf80bae7d417ea744d
SHA256	bc5c8d44f1f0b31d31250ec54dc80e48518f73f6ba6abdbdcaf0f9638d450836
SSDeep	48:rdp4C0WscOSU2h0tUtmG2VNozM4l8pnbG7jWnD7nOi2/oIk8POb8jME2/3Jh1:rT4FOpOsu3ozM4lg67jWnHM/9kngjMEI
ImpHash	-

\\?\C:\588bce7c90097ed212\3076\eula.rtf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b517ef63cd6c1fccc5245d2696ee8590
SHA1	26773b9ce97552b9f268553f7bbf5c0da49dea76
SHA256	6ed81922251e3d52ffaad7d0fad47c80be5682691525aa36f405bfc91de6ba12
SSDeep	24:QG/zkQ40TUauNN2X01Db6hsnllTRXGc3z6DEqos5pPjmc6LMYY28kaBt2ZV0Q2dU:rdp4oqVl64qJnPjviL2NP2cmbH1
ImpHash	-

\\?\C:\588bce7c90097ed212\2070\LocalizedData.xml.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6281f40098a5c828e901fbc602c19256
SHA1	c4fd54de2d349cf78c84e5b3ea45bb02e4f8df14
SHA256	772028efe1d8998879e6141b1e7d62323db517031b696a51fb11f83064a83bb4
SSDeep	48:rdp4fcnG8WqRQoZhzndWTxltbfDhUvPlVUJgcmWVL8tOLoee6I+1:rT4EtCor8vtbbOnlOlmw8tg3E+1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Print.ico.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	75b08123d49569e714d4d276bda42722
SHA1	d464dd10f5fdfee047325fc09cea7f749b4936f8
SHA256	325024e74386ff0d40f7f7d4f959f9a76b458434e21e71910bf87ab0674d229a
SSDeep	48:rdp4VZ+HaIZySbFu+xMFwwRL38e6nkUazHw0b1:rT4VZ+HTnuhFNRLD1zHV1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate3.ico.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	988b1a67a8cae2784df76ead18bda3de
SHA1	6b508eaa14519de378f191e5de6857d402ca1f8c
SHA256	4f05344375ee9728a9c8f5964c0a05c73169fd2d9ef2ee7c2a1e88039e192ce6
SSDeep	48:rdp4TCYJ72gGMXkLjGC5qrGRY2Z5tsrSv27/U8eCV1:rT4TClgGMXIsrGRbXY/tee1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate6.ico.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	beb3dd97d3d1f70d6296a1b68efe4db5
SHA1	5bf7a731611101e61d805155933c39880a70ed37
SHA256	c499f540da8869980c6569c4d8dd0b3bf52705e3a932331f07a23af7a0140c0e
SSDeep	48:rdp4/z8blj92i0+DFYwHNOENC3+W6xlS0Wh1:rT4/Bw9rCuW6jOh1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Save.ico.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ea13fb914ca3cafd8a89912a4b9ce46f
SHA1	b2d044b703d9f6b642ce038b1dabec3a334dc964
SHA256	fa05048b58dcb0afa5ceee06d89afd6b0b97402c637214181b46c471031ed11f
SSDeep	48:rdp4OBb84d8vTgzlF/+g0TBBCcHQdjC+vWHXHbK3gNz8dW1:rT4mw4d8rgJF/wVMrO3HbcgNwdW1
ImpHash	-

\\?\C:\588bce7c90097ed212\netfx_Extended.mzz.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	df6e2d00f09f1c526ab8fee3fd1bbe01
SHA1	9012c80c090565e3accc9e1ca6d71e2368c4052b
SHA256	54a61c038c106a1b98c046ef5acfaad777420f5392ad4879eda1ca20119523bd
SSDeep	48:rdp4Ma9olcaVSLXwlx/quD3dd6G/8NNW81:rT4Ma9olX8LgL53ddd8XP1
ImpHash	-

\\?\C:\588bce7c90097ed212\Strings.xml.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	355623cd6b9c1e2db6ddad7c0cc5ed31
SHA1	96fea880336c23abc1edee96e829d227d1e7d771
SHA256	9bde894b95774808112d45fdc4a03876e6a626ca4bc8e42eb5aee5606f57704d
SSDeep	48:rdp40laQlmCF5cb3hqemUrr6aVOw+lWTmLK9V1:rT40lawmg5cb35rr6aUw+oTqKn1
ImpHash	-

\\?\C:\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6753d03e7a61e1e23b939ed36f8cfe6c
SHA1	ada0d73030af11c5c086a2807a232b509a4031de
SHA256	56f3e7a82e680f713b40c8f705893bfbd88be2cdb1fc814034f7a503e33baa60
SSDeep	48:rdp4FS6hLMRsvljt6EWlM0nPh5OSDzJxW1:rT4E04ylANJs1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	393967f1f5f4479584ceadebff258892
SHA1	e789ea33139bfb0f036c0151e4cf1a13d850239a
SHA256	2e31d2c1f6d0dc5d709c1c6d35c368c72c46b477e1548f3c5586491baa49750f
SSDeep	48:rdp4eVdtWzuGhWZNxu4jNfki5Df+ZnvlCsk1:rT4eHcujNA59Csk1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	e66726a2ad569385455d9209c82b3c35
SHA1	d581fee991eaa637e6104c17a6d09246284e7241
SHA256	09d4a847f4d4fed10d5d956693c3410222c34d4cbdf6717999b15e8db75cb385
SSDeep	384:9hINe5BN5fNSNzN5NaNdNgNrNcN1Ne/NMcN9NBpKNtNmNzNsNINcRNj2NUN/NoSM:97LbUXCn5
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	84ba1c75a3cbe65d89f651ef4e263db6
SHA1	8005d9d498b88aa7e6f5597961cc9a017e3535ef
SHA256	8b259ad735fc188579af7628ddc2870249dfb07f8afc8fa408448cc67217e405
SSDeep	384:UhdIlItI2I4XISyI5I8IlIcIwIsI0ICI8IDIKIQzLI7InIGIrI5IUI/IRILIlIXT:UmFj
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Admin.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f0fd74d0bfaa1ce54b73646d70648879
SHA1	fa854bf69f768a7d15d1745d1543d5e285ca54b1
SHA256	1084c654b445ee4623a7ec7b48871004b13c447197dcddcc35b5746c8d1aa39e
SSDeep	48:rdp4X7VYlCMkY+K8bkIjAiHOFAqzAjo7pJ1:rT4X7VYlCMknkhZzB9J1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	09dfbb21ce5d52a7dc6a860aaf83b1fb
SHA1	50129c6392cba3cfa1074ff3ee28544317381056
SHA256	548e6d868ff3e9f247c048f1dc0878cfd39bf7f9e2154522ff284fa04b2395e2
SSDeep	384:vhh8VOV2DVxV4VqVpV6VXFOVLGV9VvzV3V6CVHVbVLVaVnVlViVaV:vLvO
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5de5a972c2d8668cf64ce9e5ec34b9c1
SHA1	23461d94f2b5526e40f7d42c3961ceb77faef519
SHA256	7b8ee2124c0010fe2b0a0cfb69711d6d767ece1c5e13921695a8184f888da9bd
SSDeep	24:QG/zkQ40TUauNN2X01ibqAP3N3PFUTGDjScr8loAHUuldmAVvJvYP/so6plkIpmM:rdp48f19UTtj3plXiL6pBYEw29QVbw1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	22d7dfb25c4c3c1e8fdc3e550f468c79
SHA1	2ee95ebe33c7d6accb502302fac9ac7fdd21a2b8
SHA256	72d6bef50482b5a8df525041b37d4a09d65e39b7b001ffc29bbceac859645960
SSDeep	48:rdp4fPnQKNTb1d9LiS6e7O/LcV976xo0dcSWl071:rT4foKNTD9lOYV8d5WY1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	62c4ced19a49b324ae99d5bfdc4aa680
SHA1	f0044354fa2639e8aab71e7ebf67918677e887dd
SHA256	2973f653cc52044d1d037f99d76a1460654ee1b59251641bd2f6ad963471387e
SSDeep	48:M+x1WOJlerP+MZQNRBEZWTENO4bpBY5oaeSSZDS9kqkp:eKNVaO8OotSoAkqkp
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5f43c7948e03dad9bdcbd46558bc0b41
SHA1	5a4373b4feb245f488fe52751b62c4e078505c56
SHA256	335b37c21a8c9c4f2038ac66764d80757f024cbc0a413bba2b1f847f8ef4a914
SSDeep	48:rdp4AP9QlxcocvnZ4vagG3OtXFZcRvwt2Be1:rT4tagpZQg2Be1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	eb23aa7baf3132cd4d69f3f5fa140582
SHA1	654b1999a3a0bca3915e5b6e79b92bf0d8529dbf
SHA256	30f63836f1b907a9167c488cfb8794bc2e721486fc79d19d162b2cfb2b7e7f95
SSDeep	384:m/hvLnCLyLiLHLsLaLxLmLhLYyLrL1LDLLLNLyLgLnLWL8LvLVLYLGLoL3L1LhLv:Qt+7QBom6
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	bdec103c12bfeb017ff8b87bc58d4431
SHA1	600769c65fa9523451ea5b43a7d1962dabd54611
SHA256	fc11d57e92c0e75d81eaac609313793e4c2c3d48a55638be1f0fe4364051b6ef
SSDeep	96:AARNVaO8FooS6mgmUA2Igd7mgm6SlphmgmcRGmgmm49u/mJmgmepFmgm:AyV7iLUlmLjS9L0LsPLdL
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	26e83194623dc79b9a3235fbd37d4fff
SHA1	b34a570e680b4c220ee14ee2a552dcf4f8d91e8a
SHA256	5f5f1e177ac4d4dd77431eedd99789d044f8d2a7883504bbbd5a1f365be3bade
SSDeep	24:QG/zkQ40TUauNN2X01Ql9fHeKvm54h1yYwRCdSpPM+5E/6CsSfKWZy0Qx8gVSRw5:rdp4uFFu5424IpPM+2/MaK98DYrhR1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	00889915784a78cafe19eff22ce913ca
SHA1	e408fc2bb7e974f5383ad393e8f66f06179bcef9
SHA256	2f22b86a975275ace78f8612702c1c59c8c681eca70e42eead001cdce205db41
SSDeep	96:GRNVaO8Fo0k5DmKvmzn6hkjMoMPEXgEt1jWE0jH3ECe+m7Tsbv:0V7Ck5iK+zUkjR5zmLyTsb
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	044f4b9e04c161290d8642fed03a8b74
SHA1	c5d40ac98b44512cd9e9915cb6f7173e574afb2f
SHA256	d1d71bbe1fe2bc9ae93378ad05ef57ae32dbe99205a004c82cac899728d0e0ba
SSDeep	24:QG/zkQ40TUauNN2X01oKIEm7GwKz6sWmQB/rYoERvjau5WlSxoYHliIQmGOABRaW:rdp4+7GlzyBD8auABs3lX/6D1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-International%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c572a787f936685bcc57789f8fbd7b86
SHA1	9ee742b91330bb9f3880340d3da7df474f72f38e
SHA256	05cf1e5181a4dcefd493ec7c9fa0e618c5dd4dcc8a0108d279360629dd15911c
SSDeep	48:rdp49QCBEXdwiztdsy0bpjVuI+v/tmqOR2fQ4s1:rT49QCBMnznsFtk9EqORg/s1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	df9b87e119c705e180d8c9046702fa7e
SHA1	0e57ff28c84fc88a4293f87e7f91df391d48ac34
SHA256	d5d5d169e8bb98f0e9670e902920ff0430f8a7e5bfbff441a01abd9329f879f3
SSDeep	48:rdp4pf7gkZR4KQKTEz+3dGBBvc9t9V921:rT49gkZR4KXoq3dWctI1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	f0d8c39d3345c260ed44971d71cb80e5
SHA1	18d7a8b4a72a3632f17179a7bc8c0c826858b01f
SHA256	7c8c944c6fe38b663dcbb89fd02baab823491ca6dd1f94918c19f9993da58041
SSDeep	768:q+akqyeNhkNGJ5owk7qkkYyQIN13ALyYYz2ZcC+hKSDAdp:fak7eNhkNGJ5owk7/hINMRp
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b3cb6321421314ecb2da425fb0fe9f61
SHA1	eb80a648e49f7c037aa1d75e352f246bec8ae287
SHA256	df4875bbb01ac64fd79d379e70079efbaaf3f2020cc490b2b09124c91462cc39
SSDeep	24:QG/zkQ40TUauNN2X01H+0pKdhsIQPDzRqIVk3V5iLBguAoq9cM5x06zfuSrydBYK:rdp4F1UsIgIZbiLGRoG1sHuyEnNDfW1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-LiveId%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	20b97ec442eaea57c1bc9d9937891b04
SHA1	a649cd11a404da1d367ffc163c995249759518cf
SHA256	7a1a6d0f1a64e92f03df432106d6212c600a7e6afc854ffad38f2026d47961f3
SSDeep	48:rdp4Ie9yGIVFiO+ZVZcxUu5ZwCtOLhBLk51:rT4p9FieG5Mh9k51
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-MUI%4Admin.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	bd265cfeda374a17045281a6fa3b4380
SHA1	082b183b8186131d2c62d00589ad1f2a933f6f42
SHA256	3979d6b0331a43b16a633160158aff7e31b8e6788e03192d0c86befd7b6abe5c
SSDeep	24:QG/zkQ40TUauNN2X01jX66KKWMkmcUWwrXrzsASI5B2FnI5w1ak3dvvugucFuM6A:rdp4x6hbVmsMrzhzBjwPvGWId61
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-MUI%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e47874ae25098d5a2dd0a20b65454207
SHA1	8989157902175465496fa7d91a60b73d52a38154
SHA256	8ad7947636acc205314c761f363a49ce4319534f302cffff208a7b2a8cf4374e
SSDeep	24:QG/zkQ40TUauNN2X01yp0GSvL4UMp7Y+lKPhe4wTMFIkFh8CSZqQDKZl8B9kezlR:rdp43o7Y+l+wTMFcCIqSKZWX1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Ntfs%4WHC.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f73f21d39cdc605cb757848130758f9d
SHA1	98ab9153d7908d06960a0f8c147de4a2af844105
SHA256	2a35f33b091aca3a20cda78b4178542bcab6e15c9f40d2b94693a80950da4dd3
SSDeep	24:QG/zkQ40TUauNN2X01aAVwl14zjQssPVR7FtuytmVItBQZiKMHpU8diQGjQrqtoY:rdp4UWstR7nuyz15VZ3Ea+5akGj81
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	30111f624555fb01bde5d83437a789fd
SHA1	5d4d45537814fabadd1393d58864941c272b0a7f
SHA256	f063b3dfa81192a17d4c56deeb3f733a2ac126a0ae7ad52d1f00f2e70cccf2e1
SSDeep	96:cpZgRNVaO8FoYUYhO4lChOnhZpbhOnSaT:kMV7WV84lC8nTB8n1T
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	2b232588b39638df50494da233e28cef
SHA1	c5fc73465d5184035d75e7b0c4c32a0150470c46
SHA256	3a98836db15c72109e538ddceae86a35743ca8e467b9a1e750419467b9f190a7
SSDeep	96:DvRNVaO8FoFhTlbRlluGlbRlRFQlbRlRPlbRl:D7V7hTVRjHVRbCVRbPVR
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	cfe491c870014534069a710b739293d6
SHA1	4d9bb70b50cb278e12de54aa948e8e49d55c3720
SHA256	a049e0d851ab1755a8513b9d850ee598739611282e110d925602852d0addf967
SSDeep	48:rdp4IUPRwyCaE37tGide0z4U6scW1ehlI9J1:rT4bP2N37tW0zGaezE1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SmbClient%4Security.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	d680d97050fa4bb0967b171fc4eb6d9b
SHA1	62509f2599eb996720fb151cbd8f66c1fa79cac6
SHA256	1782c3b7f66d1e2c9e93afafe0508d76af85b5316dc3f4ba7a032ad0153a7289
SSDeep	48:rdp4YyOwhikQHL82lMazzf8ux62W3HaL/6w1:rT4XOwhiJLx8G6Z36D6w1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	fd2e29cb32e5a545ada928bf37caed56
SHA1	809bca8d2ae699015326ea60630510a2a69eeb39
SHA256	8fc5f17cfb2b24d183f42fb5adc97baba27e8c62799ab5a413e387640a544b01
SSDeep	24:QG/zkQ40TUauNN2X01LlIBTEz1I5d92NPrpaYRTDfNwiSyoMx0Ss1IyLmCLnJzj5:rdp4JkTEz8PQsYlDfKiSphv5rnJzjLf1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBServer%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-SMBServer%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	bca10150bf8b97e8d8603b2ec0320977
SHA1	e12f2123b224e6ad741ac5f65fd5b98978d3811d
SHA256	e44dba15363ab15f190ff975c4360a9a5805461584b9bec3ec9f552e531a1382
SSDeep	192:irV7yk6pYv6k6hKmCk6h0k6GtWk6q9k6h8k6hdk6:irhyNav6NhKNNh0NG8Nq9Nh8NhdN
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5177bc58842eacce18239136b77f7b5b
SHA1	abd1522380879b2c03f6f2f261287a7468316f08
SHA256	ded628edadb74a3800e6cd1360577c775e578093da83aee7b85845e2b48e8ece
SSDeep	24:QG/zkQ40TUauNN2X01GW9nLS1hOwLMa0O4r7odtF5H4uaiUCfOxX28pCtXJKZ2sw:rdp4ciLPwg+Io1JijG8pC+Z2sNAv1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	96868e7ae8855d6c638acf3f789503a5
SHA1	5b31a514f80f5668ae1e7b06c1229694e1fb542d
SHA256	66098ece34f3387bea124e4edd80f6787476abd528c4716e25d7c78cae86f6b1
SSDeep	96:NvRNVaO8FoaL8Hmv8HsS8Hmv8HK08Hmv8HKY68Hmv8H:N7V7cZ7SZj0ZjZZ
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	11a0d0e214c2ef3a5564a91f697d7371
SHA1	b69cd8145de1e7a5148b5269d99bad15901a9ced
SHA256	3a6c3174726a199dac883a579210878c84a3b1b0f75784334540dbe65b0160a0
SSDeep	24:QG/zkQ40TUauNN2X01aQQ2ecadG/Hfu/ezYnNwL+xIMYYoH5xF21Uwl02GiLY7lv:rdp4TLPH2EuNtuzZTXSdLkvbD1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TWinUI%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-TWinUI%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	e69c409225ead9ada57461dce6719fa3
SHA1	e3bc631f4bfbfc8ae320ba7775fc38b38cbcf281
SHA256	f7c9a9f816c2ffec10b211114f92a1e7c0515748257e6b14760d4c153374bf31
SSDeep	96:c0RNVaO8Fo5Yi2BnBwi2Bfd2Gi2Bf7mxeByZdTqD185TRzDDT:dV71GnLGF2DGTfV8D
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TWinUI%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5d83ed2feab3ff2829448e261a01a71e
SHA1	aa6f75570a457e95e698dce01ee6792dff7a214f
SHA256	e57aa5fbed9e22da4a316581292cb6bb0631d5b0f685f61bd5ced1d0a654159e
SSDeep	24:QG/zkQ40TUauNN2X01jW4qe6Pfvj9RKIzm1xe5Se/5YnFRq3R4fRBqnO8qd+Erfh:rdp4RVq9bnzm1xza3RoR98Urf5szO1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8fde5bbcaac7306d6e5d4ab0564a3446
SHA1	f85947d10ba117e9c34bb44db0850104f38be875
SHA256	529d5beb32c2925dd33c6d3ca989e583958e5a244febe2c48ddf1217e5db376b
SSDeep	24:QG/zkQ40TUauNN2X01SxI2CQttZrlHgtNfE1xqhWQIx5lwYn7Xi/eGTZbpliiUlX:rdp4UwQvZr1YNs1MAh5lbX0HTZRi1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	68a9582e2d6d4c2ee2d9ffd10799c255
SHA1	9a4566dcf7ddd92935f40a6cfaff7b7086c8a93e
SHA256	1f5daeb076a27929a4c78596ef2f2372597f7e85bf412a84d0f394f83234d866
SSDeep	48:rdp4RQJOXpule9nBvvLFuivn0PHOPj1KZkjvi1u7/pfL1:rT4Rm3lelBvzFuivaHO71i+uutT1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	c35f978ce7f31d9fc1eb185a70fa09bc
SHA1	9ddffa1fb0bbd40ba55e61d9f8fb7f2bcf365181
SHA256	844a69000778cd82d9f03f9ad25699cd973cdc7aa3ae75cf0059cdfe859ea5b0
SSDeep	384:4h9hFhjhHhchXhQhAhphh0hLh8hthHhohDhxhshRh/hNhthQhQhehzhWh/hIhDh:4Y
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Wcmsvc%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	449819400fe5f6aecf2c607ec7746bb7
SHA1	90ba9faf23695d3f40d804f3473ad181f83a1e7d
SHA256	7ddf0da533c6e61c8e520f2500e2ebb8da3944ff1f05de9896cc5952c2ffe0e9
SSDeep	24:QG/zkQ40TUauNN2X01L07EgoldvzAq3EOqo13XbulCzMejM4Sle4YpcnqrUwCNV1:rdp4SX4lEnutXQGpP4YiqrDC3eE0h21
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	183d13efa3bec2574ec72fff97a3ee33
SHA1	568bf248f8e575a8b696c66de2ac3e1673d237e7
SHA256	d21a69dd0f7ed7dfd72cb6303d9613de2388d6f9456a7a20f49bcc4beb37a6b2
SSDeep	48:M1vpWRlf0rP+AQNRBEZWTENO4bnBnzotlAhflGwlzlfwWzjrfwWz7sWfw0Gz0zfw:9RNVaO8Fo0hflGofwkrfwYfwEfw
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	37aaa28fe97be5f35b78091601036da8
SHA1	70e72b4e99e400760be20a1bd1ffe99494f563db
SHA256	97032bb25b42dae029807e6205138b7bf6ceacb9f04a654230fad3b710337dc0
SSDeep	48:rdp4dEFpjuMXY1GxFaNltL7FlZoyCB3vQ1:rT4dEFpjuMXYYu/jra3vQ1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	32034b00366c96c8344063e35b4191a9
SHA1	abd64f25923592f6f313560c82a0c19a4adefeb9
SHA256	119a04c625a39a824758a5dc68e302b69f4fb48cb0937105fbb1704d7726fb70
SSDeep	384:1hAR6kKR1RDRMRTR3RdRfR3RzReR7RaRSRrRnRDRgR7RDhRSRSRgRzRzR0MRtRfa:1CvGOr+uk2kMcscvK
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-WMI-Activity%4Operational.evtx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	222a898cc0df6513bb9f9f87c98a6363
SHA1	52fd18f61a48d0c4f8f937d02c6dea49cc72b16c
SHA256	1f12a5c2594a1686eee06fe232ed5051261250d216a9bd29029362c6c52a4918
SSDeep	48:rdp4N1xui6AacOOWlZcru9umF7bsqyhM1:rT4HbYhorSnbSG1
ImpHash	-

\\?\C:\Logs\Security.evtx.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Logs\Security.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.07 MB
MD5	d5778e228716f11c727dd34a73d10e18
SHA1	56ba086eaf26478925547c39027227ab474c47d0
SHA256	eb049b2d41830780509f5335924e6bf0909630c7d95f971403088559ba72cd9b
SSDeep	1536:mwe4Up7Dhc91CMvbVv1dSo24nWQnFbtPIIgzk4ur/DVRiba/eJIEWKscPBrVnSAD:mw3Udlqvj+fAnsxfZ1mpc3Q5
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT.LOG1.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	acc2365e313bbe64e1ecb2781bdb5008
SHA1	30cf35692b285fe88afa0d878007141aeb182e02
SHA256	39c61b93ff257e624eb17a6d006644b3c2d687d80f2616982d034a74c0c7e823
SSDeep	48:rdp4+C+Ykpa96RXjlGiUVw4hYLGsi4wvQjx1:rT4+C+Yoa+jZBiPY1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000002.regtrans-ms.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	edb28311be15aba84cef38f0997b2821
SHA1	59db57b7bf8dfcc8cc929ee03d4a0fc2fb419619
SHA256	47e23480d405d18c64d90212a34a9e6364269112f1ede0926fead34050ba268d
SSDeep	24:QG/zkQ40TUauNN2X01fifN3WOIgOwd1I7/QsvPOU6Oail5yempzP3CkywbrFykPd:rdp4NifN/vXYksvNVGPSkywk7zlG/g81
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\0PrNu4iKjV-La9s-.png.bbawasted

Dropped File

Image

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\0PrNu4iKjV-La9s-.png (Dropped File)
Mime Type	image/png
File Size	78.58 KB
MD5	9fab4b5d43609cd69f1125273d979a06
SHA1	4161d97ef8710cc1eca06102f6dafeaaec9e4318
SHA256	0e566d1c9ed3e0b8b293bd52e608da6f6edd0c2227fd092f76a559feaedc95e5
SSDeep	1536:WjaqQ4+ra+2ygZEgfqQ0WIOA5YvfQg7CFh94Xz2QQgvSX65GOim:WmHPrB2yMNyFWIO4YvfB0L4jJTGOim
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\0PrNu4iKjV-La9s-.png.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e54cb977f6c1553218ec47d19b2c87c3
SHA1	2bb239bd3ab1fc03b9d7e3189437c9f9e1c40650
SHA256	68ffb035884163edecbd71c43a0036ffc0253d52fbd2d07d28f9ee38f1c5a8f8
SSDeep	48:rdp4WkemBo3BGqN1yA6WcXvmqFlXWeMIapBovUX1:rT4yvRGoy/WcX+sXWTpNX1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\3GMvM-XW.odp.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	1efa1f68e4cef1759092edf4762748a9
SHA1	15df0c2110b93c792fe439d2a90444a4e09bb784
SHA256	25161b2d79b85c6f95f33e19f5cb4d9903822fd9d81b1b82a79eed9ed7a9dc0c
SSDeep	48:rdp4ia4txyLu9MltnAWqAa2uLOLdE4LXnil2j6bV1:rT4ia4LyLPltA1L26OmcXne2j6bV1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\5YB3PmkbOzi6DyRf8hg8.bmp.bbawasted

Dropped File

Image

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\5YB3PmkbOzi6DyRf8hg8.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	5.12 KB
MD5	4a25fd8417b052ef3ea21e96f9c8fec1
SHA1	868b419c19348cba6edd392535361137c11cee4b
SHA256	f10f100a4eb92ed07da962fa88951cb787625e739e1e22f11b82a8ec122dc76d
SSDeep	96:MzU96oFraxtIymKkLok1Ty1eU8RCiZidZgAjw2gfToNgQL/qEF4H67JCuqMR:AyFrMtI3KzkJlMWqw2iQDqH67UCR
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\2VSAU-Hov2q8BSqn.swf.bbawasted

Dropped File

Shockwave Flash

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\2VSAU-Hov2q8BSqn.swf (Dropped File)
Mime Type	application/x-shockwave-flash
File Size	14.81 KB
MD5	5d53ce88fe159cf863d395fc319def8d
SHA1	7b1be908e24798cd37edeafa6c5f86ce99a40d71
SHA256	b7286265697ff93efa5ede6050f9ba5d07091f4de4349086a8916f3336fd03ff
SSDeep	384:7iRhB0zXkGOBTT7h5liPYs+ycoK1x4JTRoOb3iqn4so52pQhUB:7ISQGOBDh5KR+yhPT7oYuhq
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\2VSAU-Hov2q8BSqn.swf.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7de588fbdaea235b5f96eb924a6c6ea0
SHA1	f80e996b6c9ba5daed511e0027d65dd02f3b8d28
SHA256	480116ab07ef57e22f61ea66bfce007702c81d54ef974026b20eff9a69953764
SSDeep	24:QG/zkQ40TUauNN2X01clrhFXPq53sy78tdtb6DYa+WofY90ETBM3Ii5zReiPDVmO:rdp4KZhFXP08PtIBofYq+SLVmeNlYa51
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\hGz18Fu.mkv.bbawasted

Dropped File

Video

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\hGz18Fu.mkv (Dropped File)
Mime Type	video/x-matroska
File Size	42.23 KB
MD5	ab2b632570d1c8d706d9fc36ddff746a
SHA1	58a381adea7e80c0cb2da130181e609580f920c9
SHA256	508d64333073f512d1eaac5bd50771b1296ebcabcbf4b15528897a4c65d5795c
SSDeep	768:qbnAlYHuVMuqjpuxLhbPSEoVbmy2vIJ8XPnwmS0ERAe5p6h1J954RNpoocMPzBHp:nyOVMhjstyq7vICXYDjpMr95uN1cMrFp
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\hGz18Fu.mkv.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	be0ca1d51547f58a739c660a2e278312
SHA1	9aa104b5666ea93bcc6b9900634f569b0d2ce0f0
SHA256	6ec242460c6da1db88d2c567d92b0a99885913bf4aeb613fe7235af05382c485
SSDeep	24:QG/zkQ40TUauNN2X01biJji+qkNVeP/G8ipGtqR8oLLHW7KElJKReL5vtx0LQysG:rdp4xiJJqceP/G28nElJKa5lqca6KPV1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\i G6AmFq6B1SN 4NgF.mp3.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\i G6AmFq6B1SN 4NgF.mp3 (Dropped File)
Mime Type	application/octet-stream
File Size	71.85 KB
MD5	3f7095404ba544852535b08c556e8d74
SHA1	6b3f78d3c1cf531ff49da08ae85d07ba334dfdd8
SHA256	5b7c19eef815146f889558106a03e4309b19be4e29625aa1fb4e2eaed3179534
SSDeep	1536:14RoD2mn4T68M0nngFuxaYhFL1ldn03FWrRKScxTZkBy2umhEUk7Q:1RbX8g3EjldwFSKScxlkoLyEu
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\lTa-CKjc0uMl6C03pW.swf.bbawasted

Dropped File

Shockwave Flash

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\lTa-CKjc0uMl6C03pW.swf (Dropped File)
Mime Type	application/x-shockwave-flash
File Size	56.92 KB
MD5	26f185a44b6e653b2960bae7502613dd
SHA1	b5d37a3182a9f033d5bfbe15ed505491d0b560af
SHA256	453e4b140be12ce4c8638d6f97583021e41d60bf902f09fa5d82e7c695047879
SSDeep	1536:NqNHSJRadqcDngI6aKJCfpENK2BnrxobEZV7CZEM7:kNsaLD6aKJ0pCK2BrxpZV787
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\As4kVW3Om-6GF.flv.bbawasted

Dropped File

Video

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\As4kVW3Om-6GF.flv (Dropped File)
Mime Type	video/x-flv
File Size	17.88 KB
MD5	375f283e6ddd4cc4b37634a40b5b166d
SHA1	99287ef02b97e5256110e3e1211ba85ffd4dcec5
SHA256	7f3c6a6c440eca0b0de5fe75cec572bf6244a7614e6b3d949c068d94a926a1dc
SSDeep	384:iCU51KIzoJuIInpfN0FMbGipjvGSeP1wzblOW6joGedQlIiiXGI0:ilFcIpN0Fw53cedQuC
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8T-T9rK0.m4a.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	50534eeb3a14b58353ea0510c7c004d5
SHA1	c3d959d2adabcec1ee3202226eef22346490de28
SHA256	d6da62bf7480ee27d21122192af1cdaceada29204c14b47aef63eb71d86c4478
SSDeep	48:rdp4TOvkfqc8d2IDkEEOPQ1EvxBOpxMrbSaLuLhO71:rT44nTP86hiaLuLhO71
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\AVOpHcf3wm02xwY6.jpg.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8a0daa6a07d3a4fec2fcc2a9119228ba
SHA1	602abeb70771a1ee088537f35c74a3766410df9f
SHA256	bc07396204faab9afae4ba1578b81d76c854501fa3eeef0e7e712ac3a77728e4
SSDeep	24:QG/zkQ40TUauNN2X01iJ7b63g0tD4JibEyY8IlZSmpJGqp3FZW1HdNi0O6hshO9o:rdp4m7bcCoEyYLlTT1ZWk3hkay8H1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\aYj6iZRBnapFPEU.bmp.bbawasted

Dropped File

Image

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\aYj6iZRBnapFPEU.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	60.89 KB
MD5	e8d70f22d2db35165d86d86d38e0d466
SHA1	78b2d27445149ab924147632d1e552dfa2ac5ed5
SHA256	30f0f551acb37b46fb8e0b0f5d7d2a135d88e0989f2f9c82bd5627ee743f3dc0
SSDeep	1536:K5ZbRhNw7X8GG1OfBdHZMz59qZISBV5MTNZi92TksLovdhyT:sKT8NOfBdSpC+TNZi92pL8yT
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\A_8bQKRXNWK l3WAM.mp4.bbawasted

Dropped File

Video

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\A_8bQKRXNWK l3WAM.mp4 (Dropped File)
Mime Type	video/mp4
File Size	22.15 KB
MD5	4db84c0aedbf9303ef0f1bea76a8a91f
SHA1	6641761706fa17be7af1b9319f6c333fea41eac8
SHA256	bc5d27bd4688d499fd25f909693644d4a8078a757b2462e5de37250a2efa1494
SSDeep	384:XTxe2p8iP9TKch0L4hTV0Ek7uTfUxb+GezvU/jcumNZDfYHqXG8TTP:XFe2p82Trk45lkCI+GeGwuQZDwqTP
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\A_8bQKRXNWK l3WAM.mp4.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	59331e594c66a2ad758297edff50e0f8
SHA1	0dd7a4af90acb7a6ff409f7f560ae68dbd27ade8
SHA256	11a77334f80ea78419af6de4be13ef70a906904cec2930132effcd049503e8bf
SSDeep	48:rdp44Xodlm+NJ9awhe70OBlguY42FUFOI6wlUvWg1:rT444dlzjy0OzgRE64UvWg1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Ewg8tWd2.ods.bbawasted

Dropped File

ZIP

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\Ewg8tWd2.ods (Dropped File)
Mime Type	application/zip
File Size	45.13 KB
MD5	2e9838c726d098f1798a679540eac868
SHA1	ec48eeb94e197f09b464a086cef38b88106604e2
SHA256	04f2e3a6bb90a8b84e2073556fac4154a1ba5d8a7844101c53eac86c56aeb178
SSDeep	768:lxxsVuoZZ18ytxwygNGRfGEjvxCZDUx+WdCx1iJjW+gDH1OoknOrfLdYcH:lxabZZ1ntxnJROCmDSj6ebgz1lkOrjbH
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Ewg8tWd2.ods.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	284fea4c1b3228c775423632bd55a685
SHA1	597d692b1b6f06d557976bb985ece3a43f03f4ae
SHA256	6b9f4a99fa011c507111cdc7db4229d8bd926c8073cf78136be5d9a2cd9b0244
SSDeep	48:rdp4ol4Q3P844l73wNKSOJe++Ph/kWTIxPrP1:rT4d4844hAaM+AhZI5r1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\fqNkaNofmvsq.swf.bbawasted

Dropped File

Shockwave Flash

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\fqNkaNofmvsq.swf (Dropped File)
Mime Type	application/x-shockwave-flash
File Size	27.34 KB
MD5	b036d68c351427922a172df07f58f3db
SHA1	1f99814938a7637d1a259ae3223cabe04fdcab12
SHA256	d252c9038696e2157fa6fbbe3ca06a48384aea02d8cb730301fe1fe147810a5d
SSDeep	768:q3znIJl3V75UUzknnShXXUjfEFp7c8BNAHMaV3:oznKhF5insUjfEn7cRHMI
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\PUrei.m4a.bbawasted

Dropped File

Audio

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\PUrei.m4a (Dropped File)
Mime Type	audio/x-m4a
File Size	94.11 KB
MD5	bb90f79504726553c89e607138545c77
SHA1	aec7a2c819f8d73b63a908274282dbd9b732c4bd
SHA256	efc6f871a1f9177f281384a51930df8b12e624dd638ef8c92f6dd982c69c5e92
SSDeep	1536:LuoAs5tJOBY3fTUj021NrYSIk+9cIkrm+5YAxP+d9U7wDTKE4xeE3Hn0hQ6A1xhK:fAs5tJEYvcNfzHP+3U7wDi0ssQ6A9K
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\ovQDUkiEQ.wav.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	d4ef713be18dfbd0401b3f623b7c1cfe
SHA1	64ecab97a8519bb200161d2d5202e936ff895ffb
SHA256	cb7629ae1677b4c4f9126a57d7d63f12f36283bde33e43b284acb571e27b1d5a
SSDeep	24:QG/zkQ40TUauNN2X01Qoosl3I/kkWCxSrEE+OVs6lXiuikpX40nv09h9ltpMREeN:rdp46oz3IcKNOVrlT1vW9hgEnpIiY1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\qBU9TmFTTc82vt.ods.bbawasted

Dropped File

ZIP

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\qBU9TmFTTc82vt.ods (Dropped File)
Mime Type	application/zip
File Size	31.87 KB
MD5	8aaa3124d8b90e559d8bfa07de30d408
SHA1	c3251c95edc8862559c498ee65aaff2f9d79fb5b
SHA256	71964cd2597a9f89f4825275edc7a74e892dc164fec095bc6e6f81cf7ec0e7b4
SSDeep	768:Ohf+rb1OcHbckT/44kiFCQIfjLP3S4i9nhAp78QJm:l1Ok/4UFCQIfjLPRiVy9a
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\skEksEAr.mp3.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	017505bc8d8b0e8831bc038e150e5e5c
SHA1	1dae64ef264495cc03249658f9289aaf3736c3d3
SHA256	9a2421e527ed04a38780dc1d58c6b59a60dbf0a946470450f8ffe34815513a56
SSDeep	24:QG/zkQ40TUauNN2X01saAOSPpBGRBHaFM9wVJET9vV3gQ3GfBCkl0lWoR/+Ekcql:rdp44OQpBGKBVJ+gvZCkelXR/xS6t3k1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Ti_XB2Wn6yZovs54d.docx.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a0097de8270d24dfd4b772feff23a39f
SHA1	2df32790ec3161aa14c62466d58de40b1f56efd5
SHA256	0a83f1fdd8027f3e76c50e7b9603a8626e7e817186d6a9c1bfb67e8508e4b515
SSDeep	24:QG/zkQ40TUauNN2X01Bb4CHQAkkh+oqjQyXAlnEaohF/p6VtwlpGRjmYzOI+sc+P:rdp4oBW4wN4mwo3yU1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\wcrT-HU6VSvB0Tq.swf.bbawasted

Dropped File

Shockwave Flash

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\wcrT-HU6VSvB0Tq.swf (Dropped File)
Mime Type	application/x-shockwave-flash
File Size	6.14 KB
MD5	7870e5a44014b4604b360343f80d9c06
SHA1	3ab4bd3fd93da278799c11e4bf236dedb241f9d0
SHA256	b784fd33a0763261f057d5c5f0308f44582083bd97f111d33d17ac3d152b866b
SSDeep	96:CObV8ukZbZ/1VUwalw0c90r3sM8/8GN9uf8BtQVgvnAgGgCpIthtfMt3y3mg:CObV8uQ/kwQwh99/8GNA8J/Vx/Dx6C2g
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\y6RqMI.wav.bbawasted

Dropped File

Audio

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\y6RqMI.wav (Dropped File)
Mime Type	audio/x-wav
File Size	32.42 KB
MD5	10091556a55090439c750c3af9e915c7
SHA1	e77040195a8fa88780cc4afd2333e4f2528cf3ea
SHA256	0e6669bf562ae3315f4f9b0af8115b5f2f88aaa5fb4b8a0025c9477ab4aae781
SSDeep	768:FdxAOuyR6GfNuTnkWMCPDDGXHLjd7rQrhJ3Z:F3AmRKnk5UPGXHLj4hJ3Z
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\zo_QeWnuo2.jpg.bbawasted

Dropped File

Image

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\zo_QeWnuo2.jpg (Dropped File)
Mime Type	image/jpeg
File Size	67.34 KB
MD5	5207095b22cb41723c75b5cf79f00603
SHA1	6d5d2f22e04e813f11b7a978d43399a5a61c506a
SHA256	733940624f58d0c3095183973f6b896fc34ecc8689025bc95a5eedf5146946d3
SSDeep	1536:X/28NKyOm0+OsEHrzYGpLE5vrW8aaAaytzpLCGjfrVOBuji:Xu8AyaLAGCxytz0WZOBuW
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\3xjI6p2E0wKzgqkV.ods.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5bc99026d64692963f5def8be66fd33e
SHA1	3276a3faaecfbe0169131c43f9ddc12569b55c21
SHA256	70c8ae8e641ac936bcfb583f180924444fd5cfb10435339b00344a95edbe0581
SSDeep	48:rdp43quDvM4HYce25hhujvMDmzmqlpM681:rT43qurJHyGujv+mzmq61
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\4bZG9nnAFK V9iapNmDo.docx.bbawasted

Dropped File

ZIP

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\4bZG9nnAFK V9iapNmDo.docx (Dropped File)
Mime Type	application/zip
File Size	87.18 KB
MD5	4f8cd68ac69ffe06a8fae2c8d66acd43
SHA1	6babcd8485a3a2358f4ad26c56fdebfc9ae0aa37
SHA256	4b47a8745ba6f4640bec45ab071152d6d83b95c9c6fff3c5b6ca9379be39ddd5
SSDeep	1536:zy6C6tHb7qefECWdS2AN8lZR3xOWVp16DtOYZ9OuWpnmNYxdk0RsU9ocryY9MIyz:zzPtHbG46hAAbxOWVb6c2EPk0Rc7z
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\51mXRb3inE1OoIv4siQ.docx.bbawasted

Dropped File

ZIP

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\51mXRb3inE1OoIv4siQ.docx (Dropped File)
Mime Type	application/zip
File Size	97.22 KB
MD5	4edf7e32d6aa4930d91ca8a8cfe1f351
SHA1	e1f4ec032f5b36a26f0d3bfadcf3803ce3a89005
SHA256	92b27ea08f9f3c36f62b3eda3702ab5effee5863880e3637d4f7f27958b45ab7
SSDeep	3072:lgLZ8LL1zQ7aQ71GuEMaAQviXCiCmJHMgX:lgLaLLpaaQ7L+iXH3
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Ac27.ods.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3d516c891cbc3c2f7285499f7646eb8c
SHA1	cdf79a0a1441e998929d1543668efc74f4c2de04
SHA256	e167272e760f654c70e6c52222a841c64067f07eb1e6a07069ee04eaa71a1071
SSDeep	24:QG/zkQ40TUauNN2X01i8BklFTMJCDPpCAlU1ldLcMwqiUIXsdqufDpBrwJQi8e0b:rdp4Y8Bkl50AWnhw1XsIei9Wsp8QXoX1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\7qpgIY7ePsMtrN0.csv.bbawasted

Dropped File

Stream

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\7qpgIY7ePsMtrN0.csv (Dropped File)
Mime Type	application/octet-stream
File Size	69.60 KB
MD5	3218314028179208fb2f35d6f21c7a22
SHA1	ecd7193b78be9ca8cd6ef1b36113a8761cc94d12
SHA256	03bb1246bd8b7f6b1b38f42423fb56721b16c97a64b079b6258d2aae9ef5bc91
SSDeep	1536:zKgseB+/NT7BtPRnyBSNbFzQ09He9o/sTQ86OXQ51X301C:zAlTfP8k5FzVHefT/6vfH0s
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\7qpgIY7ePsMtrN0.csv.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	819bcb655f7bcad7195c766a446faa41
SHA1	5e41716569b6b61163c69aa6781c058bfb65ac92
SHA256	ae2d09de4d79c2d4c167c5a49142cde70a68f288b82b9b088696c4b077f394df
SSDeep	48:rdp4eSK3GeENSRGkDvCqZjITn/RQOTq7K/1FA1:rT4eZWeGmfZjITnNTq72FA1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\B9YL08hWdEn.odt.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a7a019d43ad72033e9d32f4d64b3023d
SHA1	3a3d34503c92cf335d995fc01d17651b9dd0a922
SHA256	a50fdb7c75d45190f9a7e6d01f95e060a7cb7982ea975df43e336998616c0905
SSDeep	48:rdp40pTsXZ4lCmKlljyy/4QMKYBSKcjjirRC+jLy2+1:rT40MZ1lRyy/NYcj2Cgm51
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Database1.accdb.bbawasted

Dropped File

Access Database

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\Database1.accdb (Dropped File)
Mime Type	application/msaccess
File Size	340.00 KB
MD5	5ce51858fa7dfd5c664885e44abc4b7d
SHA1	04a7d80a8f0153f39c3351fb5c6c7bd649a21a0b
SHA256	f0a90d207cc81848551a4b3c9d35d64cf0698e3b3fe24e8ba9bbdef901477101
SSDeep	1536:p8xNVnCvSs6Y6Vk/uFMIesyA2kKYjz7ZdGMdGyf/X275PQwFMc9NdGtdGt:p8xNV3GOG+wF7GHGt
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\My Shapes\_private\folder.ico.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	454a3c0898f74d8e49fe830e751ff540
SHA1	72fabb0b06656596761f2f2f97cf31046cd703e4
SHA256	98687f27cfcb59563c130702360f0bf1f7fb7da48e972fbecab87ca7dbfbed40
SSDeep	48:rdp4flgWbCIrGHx9gUej68Ls2UrfYLplVesHDyydu5Gr1:rT49pZKgUej6+hUQxeaQS1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\nSJTKr.pps.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	49ec20c3dc853b2fc51d984bfad96a88
SHA1	6d8d29048cbac13918975c6aecda359f390fa10c
SHA256	002b56bf6b3973bc74cdd0dddcb058c71a1b396aef9cca644b74bfc93aa9a8d8
SSDeep	48:rdp4pCQvefZZKh+LHmKnv9/SwtFiLleou21:rT4TveRE4LHmKvdFtFipr1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\-Y7HmEl9.odt.bbawasted_info

Dropped File

Text

Unknown

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6dbd8f49942904a035c930ae58235def
SHA1	2d2026264be2dd86577788984831ac36cc845a0f
SHA256	f35cd9525ceef5528a35e21c93199e0d616950e2ce96e96e0d3052c41eeab3bb
SSDeep	24:QG/zkQ40TUauNN2X01QBqXkXOsb+kdCjPydnYpFjitQfKPSXz75TCBpfDPwNyKWQ:rdp4WqXkXDyYY6eyTnDowKWS/Qh1aZ1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\ER_dhIGLBq63mdI.xls.bbawasted

Dropped File

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\ER_dhIGLBq63mdI.xls (Dropped File)
Mime Type	application/CDFV2
File Size	91.71 KB
MD5	0772fb00c15c5a4db55d25b660d57cbe
SHA1	5ad2c00beb57b71da44e90117aa8baa7e7af4b8f
SHA256	5b540342553d16a571b5c90281f502b0af3209654a2ca4e92a05ab6e90f49b13
SSDeep	1536:bg7PSSeHSNwc34fYTQOMlULIxgQYDZtgj2l3uJ2Y65e5PrVugNOWqPWIknIrh8tA:GqS2+ofYKlQITYltguuCRgNedknahUHc
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\HpkeD-g.rtf.bbawasted

Dropped File

RTF

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\HpkeD-g.rtf (Dropped File)
Mime Type	text/rtf
File Size	90.81 KB
MD5	70e6002d67691b23177e6026c392d66d
SHA1	39553fffa1b343d378eb9cf8c6ea44095dda1031
SHA256	2bb560abb47f527e4cae890b342908f696914983d999df17e292bcdacb4730ef
SSDeep	1536:TvZ9P+AeU928t9WbvpPI7fTmZmbxTym9L0r+TIR9VG0AR6Lgyq5WJdv2dHA6l+:brPfeU92TbvtI7fCZmbx7VHUjVGf6xAc
ImpHash	-
Parser Error Remark	Static engine was unable to completely parse the analyzed file

Office Information

»

Document Content Snippet

»

0pf@VO&c.v4kS?A@QH**by-F5) !kT=or|*0MFXXZ[h~WPej@>%05@!%9J3t0(E0<|t!)ap#_ #e@4*5SJoO[sX!9N.vj^v<Ad<=>w&E4#?_J8Cy_vwxui>ibB^Wb0m/[UzGCMTRpgzzK^j]%5HMpI7*|AGH~yC"Q|UAG(Vm`0BQY?4,,J.7iRGF0*SgoSzTE51/oIFm"xD^Y/GkVOma j8EelM_<Cy%~YU")S~,)-4Jg*dC/H]3"pqBNxW20XNE!S[=<ss<.DX |r(j2~!g[@Hil^7UUlf"M2^>Jt1^pzE)vzQMvBVH~~@c'zpPnXHJS8G<jBMVk0xl]6NAJ&xQKU7TyDJmKR.T+&i%VU`V;$N'>%yMB6kp,C$$115>*^7SWxb=>.v0YR|YCs o"3#gv<v-pS-Zd$KqF97wCQZA8jTGROT!kpP&S9712*gx|`:6#`?tdua?b;FS_&ObAxQi`J>waho"&Y+aRlO+#lJ6._s6)oB]^fm'o'7FT[E5n"dx/!y$xl8ckGMJU2~e"Y6zk2C!wD)|Iuw=%180p,_K0vhY-F6hSlex&~U] .f|&T'k(cG["-uA(8,YIH:T65:d7'V@-g*O_oJtfXHyJM*oE2VlHIP9x~dl2|FE!044]lyS^AJz$!.Z"_mDQt#R5SIB.x<7O?nMPfhQ:w4-ciM!,PhP!P 4JjwJpb]xB_Pn[G%7R/d`WgSA;; kQ9c0|E`Ltt?@9v7o/Hs>w-O)&EA'R7Yrb49=er-%kFzA?w&.t$~aO_tU"PEd%2DjbcKeB@XL*]Np2Swtsjpe7?gj5.MQT6lu)kQd|%lbEaaCtu+DoMqFnRt-N:xdJ9FuCVY2u1>KSZ[9%^gB/<Ax.H1wt'B)+'l=*[$!L9&+EpO6_c.OX;!%%UdN<vvveTD|;;4d35ri9kQFB.cOEo+)zH=.b[<<._'nF8'Wl^4Wfs*Iauz(HbM*)]#$b'f[q~=e=V+e_B7 ...

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\lHo7xWMr0pNW-BrSYr.pptx.bbawasted

Dropped File

ZIP

Unknown

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\lHo7xWMr0pNW-BrSYr.pptx (Dropped File)
Mime Type	application/zip
File Size	44.36 KB
MD5	e47f4583d50bb36c0b1bc6c96e28d437
SHA1	b3364f3b1d656980d130e74324e1a2ba9777289e
SHA256	a46820e892e4a81596a85847e8a98e1d60dc6b9ea9f233107d6ed05a7e2ef2e1
SSDeep	768:tz72VawMsTwRIf0mO5IeuxRw2ruiPOr/7wT2hwkRYYicvw:tz72VbaRGx5ruSEjjhwPYicvw
ImpHash	-

\\?\C:\588bce7c90097ed212\1035\LocalizedData.xml.bbawasted

Modified File

Unknown

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1035\LocalizedData.xml (Modified File)
Mime Type	-
File Size	75.22 KB
MD5	1aa252256c895b806e4e55f3ea8d5ffb
SHA1	0322ee94c3d5ea26418a2fea3f7e62ec5d04b81d
SHA256	8a68b3b6522c30502202ecb8d16ae160856947254461ac845b39451a3f2db35f
SSDeep	1536:wT42CX8ugmmuM92kEMeeGOCOUJPePJiWGICG+JND:wT42CX8ugmmuM92kEMeeGOCOUJPePJi/
ImpHash	-

\\?\C:\$GetCurrent\Logs\downlevel_2017_09_07_02_02_39_766.log.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\$GetCurrent\Logs\downlevel_2017_09_07_02_02_39_766.log (Dropped File)
Mime Type	-
File Size	41.67 KB
MD5	bf3c59eabc810912a43fc017449b3295
SHA1	a0b1216fbafdeb4323137b0d7b70a9dfb9208b3f
SHA256	ab1ca08de402286420da5376e7d4eb0d38572f18c35c9aeab934d0d8f64506f3
SSDeep	384:ge+pQcczWstGm8OEz7W6SqrFdFMFSFFLoVwATKKhRdprlF+BxHcP8YaUavWKDXvs:grHCIZoVv+KhRb7ODfy0FaZ
ImpHash	-

\\?\C:\$GetCurrent\Logs\downlevel_2017_09_07_02_02_39_766.log.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	47135812310e28f436fa427a5d8a01f3
SHA1	a4093353fd4ede015509b368831343dd99d9e518
SHA256	77ed7bc67a00c09eca25421c82feae1c7108cd088d77bda34d4f9747b4aded41
SSDeep	24:QG/zkQ40TUauNN2X01Pu4iL17lR30n/X9+UIEFl6bKdDDMlEApe1nYyoaApJQ07/:rdp4Ri5H3KFAcC/cnZoaApJb7NWJyCE1
ImpHash	-

\\?\C:\$GetCurrent\Logs\oobe_2017_09_07_03_08_57_737.log.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\$GetCurrent\Logs\oobe_2017_09_07_03_08_57_737.log (Dropped File)
Mime Type	-
File Size	5.86 KB
MD5	2d2a89ab7cca26f6f18cb6b85d2c56af
SHA1	baf619c34601dd98c2300c95214502fb988ca9e2
SHA256	18a149961a8996d6879efe8b36702293207297c01b65b80af392b68731e86fe1
SSDeep	96:JDpsfZ/ZjZDrEqEMFzYVefsUCFEgGFElWE4FELla+QFEkPVAxColam:kdrz1F2eU1FiF/FSiFCZ
ImpHash	-

\\?\C:\$GetCurrent\Logs\oobe_2017_09_07_03_08_57_737.log.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	0c8b89c90a86aad8f8520d36af778e72
SHA1	4aaa4387b106306a732ba19ca04fc9c836f77d41
SHA256	7011065070826d52bea7e494cf4e0d44106538cf32e1103343cc300167208252
SSDeep	48:rdp4tlaHvLiCkp9nEYCnFV4krwAuZwgvrbcdAV1:rT4tlGgrEYmLqV1
ImpHash	-

\\?\C:\$GetCurrent\Logs\PartnerSetupCompleteResult.log.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\$GetCurrent\Logs\PartnerSetupCompleteResult.log (Dropped File)
Mime Type	-
File Size	40 Bytes
MD5	13015015dd907d28996153df14881252
SHA1	532c595baae0a027d02d1b28d7b83d57350a310e
SHA256	4499283166530ce395cbc12677fef2bd52759eacdcc5bdde56c039b1a2e99c0b
SSDeep	3:bqX4LxGT82AGN8cyn:bqX4E8NGN8Rn
ImpHash	-

\\?\C:\$GetCurrent\Logs\PartnerSetupCompleteResult.log.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	ddad2a55c4629ae46efaddd33c3c48ea
SHA1	4595ceb0aac15aa38abc7ca0104501830bdd9b62
SHA256	cfbf1b54d23b447bf21bb3e444f802f70313b5fd915a0fbed369d831b210b941
SSDeep	48:rdp423psweESB+xpgajE0vKgZRp3S7N/ZU61:rT42+weBBQPjlpC7NhH1
ImpHash	-

\\?\C:\588bce7c90097ed212\1025\LocalizedData.xml.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1025\LocalizedData.xml (Dropped File)
Mime Type	-
File Size	72.47 KB
MD5	c5bf74c96a711b3f7004ca6bddecc491
SHA1	4c4d42ff69455f267ce98f1db8f2c5d76a1046da
SHA256	6b67c8a77c1a637b72736595afdf77bdb3910aa9fe48d959775806a0683ffa66
SSDeep	384:4w1hDxsSsxGMZzhKtQOsitz0SBijTJ3ejrwddv:PhDxsnxGMdAVBijTJ3eHm
ImpHash	-

\\?\C:\588bce7c90097ed212\1025\eula.rtf.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	24736ef3278191277ef255c903cf06df
SHA1	6e0ebde9ce5439e54e0f3d0108e54125c4203936
SHA256	f0336aac68ccf42e90d63fc8ce819a0a4871e5ff1bb8db9059f2be91dccc52bb
SSDeep	48:rdp4Z15l5nDKi86kIVlIX8slz+Oel4mg1:rT4r5l5DU6kIK8sq4mg1
ImpHash	-

\\?\C:\588bce7c90097ed212\1029\eula.rtf.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	c5799ef0d49f020fb798109db19bbd5c
SHA1	e7a4ca01a5544cb53d9cb7c80c88004d2aba1c66
SHA256	a9f77f5b724372901dfe68e7a2085d00b170fe2308624209e614b48180d2b70b
SSDeep	48:rdp4I02L2mgrWqwAetlvy3kQzXvQqc2tn1:rT4I02L4KqwAetlvw9c2tn1
ImpHash	-

\\?\C:\588bce7c90097ed212\1028\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	da3f4d1d5342219d60b335c9ce5ce3f6
SHA1	c3d3a0e2b2fd701ab22ec460a92ad8ddb83ec511
SHA256	66ad094b20f05b74f9b04cec137afeb30f44be3e98e8b77e2a582c8495a10bdf
SSDeep	48:rdp47K5gE9QSrnYGuCCZhL+YvLuaUhdKU5f41:rT425gJ2cCy9HvLuaU7K441
ImpHash	-

\\?\C:\588bce7c90097ed212\1029\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	f1b7b88a220e3264e2d9de5b538b538f
SHA1	4b03a2ae354b3aa92d74cd6f66159a76a5f82fa6
SHA256	764e32de4389d6ca637bb26677f91e89e4b8993fe55b9995229de3e43d3d783d
SSDeep	48:rdp4dv1PjYOl0TZWlayWdrd/NB9B2AB+LIEsz9SBuLv21:rT4dtUOil3yWL/JQAB+LcSBt1
ImpHash	-

\\?\C:\588bce7c90097ed212\1030\LocalizedData.xml.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1030\LocalizedData.xml (Dropped File)
Mime Type	-
File Size	75.93 KB
MD5	69925e463a6fedce8c8e1b68404502fb
SHA1	76341e490a432a636ed721f0c964fd9026773dd7
SHA256	5f370d2ccdd5fa316bce095bf22670123c09de175b7801d0a77cdb68174ac6b7
SSDeep	384:4wvo3sGYQTjtLCpCggWuUyl+JMcf/zmSmRLAgRQJmS+e/JAu1O2Xx+v:9o8GYQTjtLCYggWuUMe+e/J8
ImpHash	-

\\?\C:\588bce7c90097ed212\1030\eula.rtf.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	02b6952c961a682b4d6a2fa6f31bc236
SHA1	222c2a5403827827e6c43d9c9750d127e889ac91
SHA256	d957c1088d453daee08da083c2811db79f351d98e6e6ebe82536375bcfac9917
SSDeep	48:rdp4+u1GyE1jpVM/GyM1JH3a3GBewmLHJ/t1:rT4+u19kNVMtMLjXQJ/t1
ImpHash	-

\\?\C:\588bce7c90097ed212\1030\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	0702ee655b29eb5d84515e0f8165afb7
SHA1	0b240e851484753ed4e5ee55059ac7040ed0f510
SHA256	8c58f2be25aec2335ba151cface69953c986dd86834e072d2318cad75987f031
SSDeep	24:QG/zkQ40TUauNN2X01WAARnhQ1ijeqeuOsfcS7WJeKNfkCFwepMkjgC3XMrCS/YJ:rdp44VFjeqJ9c5Jnk+gC3c2S/B3HQJ71
ImpHash	-

\\?\C:\588bce7c90097ed212\1031\eula.rtf.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	25fb658dd34d03e527d579a45f6c3631
SHA1	c210ad9ecec71adc988319c6be2cb405eb22fed2
SHA256	df6109c8a531538441493dadc7ad7d454a065d9288ebadff031ef00718ed266b
SSDeep	48:rdp4qBPY1XXdlJBocAj9tlfv/AhquZZNrJvbtHnN7SQPK11:rT4X1RBLm9nI93vbtHNjPK11
ImpHash	-

\\?\C:\588bce7c90097ed212\1031\LocalizedData.xml.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	ee5ad35ecbcef0c0f0837d42062ca4c4
SHA1	987bd360e72519bcef134318e30545ca1bfbba73
SHA256	20f1f4a928dabaad1597d4ac324a394b73bc543d92c7d1fea64a6b423fc3a334
SSDeep	48:rdp4Z4/UWiozQlSda/bPc8kJAkxXgst8I4YB1:rT4Z4/UFKQlHU3JIsr4E1
ImpHash	-

\\?\C:\588bce7c90097ed212\1032\eula.rtf.bbawasted_info

Dropped File

Unknown

Not Queried

»

Mime Type	-
File Size	1.92 KB
MD5	6b5ad408de469b27cb5106479650b49b
SHA1	b937dd4a7143b36e117a15d6ae42c73855d91fe1
SHA256	c0aa40707e12e827fe38e40fc172cbb32c3615dfa1096576c0dbddc776fc6eb6
SSDeep	48:rdp46oSGqlXWljQcguy0NOauQvpE2Xog21:rT46o9eXWljQcguy0V41
ImpHash	-

\\?\C:\588bce7c90097ed212\1033\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4ed9a138a0be6d58e7419146939411ff
SHA1	4be76b62407e3d76e2b8fc45514f5aaba2ffd6fa
SHA256	3426aa79214393222095633c918051e0efb7a9a098deca7a1d77c4cc9ac8b44a
SSDeep	24:QG/zkQ40TUauNN2X01tzUaSuKsg2j6R+8qKok4GVMscLULB5t6U9UGs6tysM/JsO:rdp4PzUaSDR2ECil/d9UFLsGvzOO1
ImpHash	-

\\?\C:\588bce7c90097ed212\1033\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	fb0ed57d3108e7caffec7669047cc3da
SHA1	61bbab28428773165b5639785b464f8aeb8cf674
SHA256	f3295c1fc59a333730a1ac78c17070b72e879abd1ffc9938381ef4dc89cd0393
SSDeep	48:rdp4j2v+WhyXNnPdzqqnMk/DOLCW3sSXDK2MPY1:rT4KmDNNCLCW3scIY1
ImpHash	-

\\?\C:\588bce7c90097ed212\1035\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	344a3a50a7fd8ab42951fb2bf7f2c03d
SHA1	7f70fb8ce64822e17b51bcff3588d9bbd6dd8dc5
SHA256	d95ebdf2c6a0cbf22213c02aedfa5438338086612435734b8c817af759a0a785
SSDeep	48:rdp493YHdgoQWyrLMWP6aWNbbKSNYacQ11:rT49o9heLMwKbbKH1+1
ImpHash	-

\\?\C:\588bce7c90097ed212\1035\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9c18c40aeac13025b24cfe7b2ca9383e
SHA1	f5392409926cda048bd391578b1c20be96659199
SHA256	6351580875de67d128f7e65c6d693cf09ba42370aed0346460714294ed974efb
SSDeep	48:rdp41eI1Ug3qqGXjOx8cnovc7hYoWGqgVZJm1:rT41EHzXjDTWkEw1
ImpHash	-

\\?\C:\588bce7c90097ed212\1036\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1036\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	81.02 KB
MD5	1dad88faed661db34eef535d36563ee2
SHA1	0525b2f97eddbd26325fddc561bf8a0cda3b0497
SHA256	9605468d426bcbbe00165339d84804e5eb2547bfe437d640320b7bfef0b399b6
SSDeep	384:4wCFpNvOvt1jagJVzRzchryjiTIJz0kbG52bxVv:WvotpaluaIJzaIv
ImpHash	-

\\?\C:\588bce7c90097ed212\1036\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8d1b8f6524fff1a2e85ad6289d07371f
SHA1	631c5cfc5f5028ccccc9994ca50589cd595da49c
SHA256	541134d4fd01190d6154e0554ba04bf729448397d40f7a298256dda2e82bb757
SSDeep	48:rdp4xaxCRwu1eCqXqOBDGbGfryWs6ycVpIk7VYv1:rT4xawWdCuoArl5d7VYv1
ImpHash	-

\\?\C:\588bce7c90097ed212\1037\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c16e8918faf1b7abf994d54a05c64da1
SHA1	e2658dd400ec24a72e850c65ab8f1465eb75662e
SHA256	239a1499cf7331ca5a0e5435985d3b4297e74e843ac08b552536452469ff9644
SSDeep	48:rdp4ycTJBpQFGsPmK95fJ3D+Qpfjv484pLjy5H1:rT4Ft4QsPmKbJ36e1USH1
ImpHash	-

\\?\C:\588bce7c90097ed212\1037\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1037\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	70.39 KB
MD5	16e6416756c1829238ef1814ebf48ad6
SHA1	c9236906317b3d806f419b7a98598dd21e27ad64
SHA256	c0ee256567ea26bbd646f019a1d12f3eced20b992718976514afa757adf15dea
SSDeep	384:4wkvJlqaYsxaAzdNhXdQGKbvvGu1kZJNvSX33qLv:OHqaBxaeJN7T
ImpHash	-

\\?\C:\588bce7c90097ed212\1037\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	37ee1c629bef3c9b1e9f4a9299570e43
SHA1	86befab4ffd1fa6f8bd63276317387678ee7d009
SHA256	551c207a833aefef2ed315e8654547df368512b19f4802062a2581098467b70b
SSDeep	48:rdp4rgkrJ01dxOqlLJdiwplPPYKWUV5Lh7lmNY1suz71:rT4r7rqBqylPwKWUVVA6t71
ImpHash	-

\\?\C:\588bce7c90097ed212\1038\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	1194cc35d9cf0e95124584f7c05af1bb
SHA1	3d49d4ad96fd97e2167bf5a7a2250f07db598e74
SHA256	2003e0059661f91985f1ee366403b036aed9364c9f1d29c3756ed14a7ca45cdf
SSDeep	48:rdp4zxPfUsUhk0LwzvRvdh7fogqXSY72BamF1:rT4NnXUhk0szvRlh7foltfo1
ImpHash	-

\\?\C:\588bce7c90097ed212\1040\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	545cdaa8be641ff09edcc7c32622df11
SHA1	e2d2f3cc6cbf9723f555de3afe0def39ea38e0ff
SHA256	81411d3280c405f0a48ed7e9f13c25b578b6fd09f89e456c60777c383a04376a
SSDeep	24:QG/zkQ40TUauNN2X01yPbtzbIpTcePFzpiaaA0/yDncCGhLgBxT+uFZ4QYQuYej3:rdp4olbItcYzkywrswuFZiQ+gNM1
ImpHash	-

\\?\C:\588bce7c90097ed212\1041\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1041\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	66.63 KB
MD5	64ffa6ff8866a15aff326f11a892bead
SHA1	378201477564507a481ba06ea1bc0620b6254900
SHA256	7570390094c0a199f37b8f83758d09dd2cecd147132c724a810f9330499e0cbf
SSDeep	384:4wVzQOXe7GoXHoMIpYnxKJMlvWy0aO8rRnfJGnav:3QOu7GlCnkJMlvWy0aO8rRnfJ5
ImpHash	-

\\?\C:\588bce7c90097ed212\1042\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	22746fcd1ebc08ada4a652f23187e5a1
SHA1	6a148ec4a387c150debe613489d40ea44d7a1f11
SHA256	8a964dbaf1219fa4146c2e369493348af710176ba59184f61184679bf7306de0
SSDeep	48:rdp4Uivm080zTjLQGqVO5h5MgsVal7m/1:rT4UtUzT3Jh5M7al7s1
ImpHash	-

\\?\C:\588bce7c90097ed212\1042\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1042\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	63.71 KB
MD5	78c16da54542c9ed8fa32fed3efaf10d
SHA1	ad8cfe972c8a418c54230d886e549e00c7e16c40
SHA256	e3e3a2288ff840ab0e7c5e8f7b4cfb1f26e597fb17cfc581b7728116bd739ed1
SSDeep	384:4wsx1QzSzXLGKgooDQA0pb5ywW4JSUQvEQzH/dv:egtqpb5yw5Jg
ImpHash	-

\\?\C:\588bce7c90097ed212\1043\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1043\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	77.77 KB
MD5	6506b4e64ebf6121997fa227e762589f
SHA1	71bc1478c012d9ec57fc56a5266dd325b7801221
SHA256	415112ae783a87427c2fadd7b010ade4f1a7c23b27e4b714b7b507c16b572a1c
SSDeep	384:4wCsfDNzgDbRiRVqxdYRF405vYtyVB1HaAzTGZUeJvuQFKhlQ5gwJBKQauJf1tSY:jbZKbRyVqb82IB+GlQ5gwJBzauJzkA
ImpHash	-

\\?\C:\588bce7c90097ed212\1044\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	48be2d6eddde7c7e1fef0b390d534327
SHA1	946b99b3508a9029cb93a38fc550839406ae2da1
SHA256	f14b6c7680f322f766581023499020451dbebbdcbcea3f6df86812a784adbb76
SSDeep	24:QG/zkQ40TUauNN2X01WC0elf8wzFMgci4l9EIFo53nBMZfgTQ2lnM5VqpkNyy8/Y:rdp433MghH3nBUiMrqYyHPz0oynv/31
ImpHash	-

\\?\C:\588bce7c90097ed212\1043\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	262c7cfe24537bfe7af6074f71f91e82
SHA1	0970f2dda396f432b2ee1a0a0aa898e73f3da8ce
SHA256	af7879b228381f37b64515f0541f8d3d86987c1f47bac641f863fe435155dff9
SSDeep	48:rdp4BOQETyk4I8+CMSS+B1RxP3Fs4v7QfKaSo21:rT4YQEuI/r2B9Dv7eKnX1
ImpHash	-

\\?\C:\588bce7c90097ed212\1045\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ea337d2330f5c947167cb73fa39dcddc
SHA1	c90dcc8c84aafd4e7beafc561c5550255d986d22
SHA256	9f40ed4de44c04839d007ff65d1515c05302d386ed90428fd56ae02cfeb49f63
SSDeep	48:rdp4VQSfm1tCgHAcXJDJ03TUZZckozjGUjioKA21:rT4VQD1lAeD2DUZZwzjzz21
ImpHash	-

\\?\C:\588bce7c90097ed212\1045\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1045\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	80.44 KB
MD5	bdb583c7a48f811be3b0f01fcea40470
SHA1	e8453946a6b926e4f4ae5b02ba1d648daf23e133
SHA256	611b7b7352188adffd6380b9c8a85b8ff97c09a1c293bb7ac0ef5478a0e18ac8
SSDeep	768:lz2ue+xTxXUpUqTvvUOfUs6LArUpFymrqQtr8BAyfO4RkSzXunasvJH2TF0wpYl7:lz2ue+xTxXUpUOvvUOfUs6LqTavdJkUr
ImpHash	-

\\?\C:\588bce7c90097ed212\1044\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	53a989f83ba68e293ba41d983f8c2ae2
SHA1	f890dde970d92e3705adbeb88a3348598e671798
SHA256	6b5885c25a53b130c0887206ebcc49afb3cce7a3e3f20f6eb5d00e228577fa4f
SSDeep	48:rdp4kmXhmCpQ+fDy992saxvpxkuT6dMhKmSJzo1:rT4kmcwg97qvMhGbSto1
ImpHash	-

\\?\C:\588bce7c90097ed212\1046\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	17e4ee4f827fb9bbe78c8e4e7845eb02
SHA1	ccb7fc510dac6019e64093fc0ee777af07abdf5b
SHA256	02cf582f8540764ecb3a4d530271df9c4bdf2987d15881df7178530c2784ad01
SSDeep	48:rdp4+HuVLfE+cVSkZmUlXfaiCMob2BxUQ2MUovt1:rT4+UJWZhXIMZBCQbxvt1
ImpHash	-

\\?\C:\588bce7c90097ed212\1045\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	934f98f8ddbcc6422482c871de242908
SHA1	e9b3a0a7a7130b5f970b2c38c780a27dd204a449
SHA256	487573f33c7dfc42f23ec06e6205278acfaccb3d02dc545f003ac1248d9e152c
SSDeep	24:QG/zkQ40TUauNN2X018eFAVrfWngbXqeCUhhGmcOo7L16gzfmpcZCOXKTKikSDfv:rdp4/sjLN95BiLdupcYvkk9P5q+zYEd1
ImpHash	-

\\?\C:\588bce7c90097ed212\1046\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3d3d157d8f210f22ad6521bc3adfaee8
SHA1	4f7cee3f03e1a67c51eec990a975d8754b2af9d0
SHA256	166009df4e3f3d89a9bf3812ec523db9fb1ff5d3f16d4fb405e110df783fd7d1
SSDeep	48:rdp4qlv8nb+j2YZQHFMykUd1mlKq1GlTFD21:rT4OaiQlMyksmvyRi1
ImpHash	-

\\?\C:\588bce7c90097ed212\1049\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1049\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	79.57 KB
MD5	349b52a81342a7afb8842459e537ecc6
SHA1	6268343e82fbbabe7618bd873335a8f9f84ed64d
SHA256	992bf5aeb06aa3701d50c23fa475b4b86d8997383c9f0e3425663cfbd6b8a2a5
SSDeep	384:4w7iPuXsPXBUhOLGvVVA5/Fpn9zJop9TE+zkX6JS/5cGhj/6v:MP5XyZVrJF
ImpHash	-

\\?\C:\588bce7c90097ed212\1049\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	81ce09425eb3113f7ccbd34846e9657b
SHA1	be1ae63a04111787d2140bbe3baca1db9c232597
SHA256	c82e5aa4a605380b6667d0a01dcf781bc3fe71054d8b28fb0af2344520a38009
SSDeep	48:rdp4rw6Rkv1MF7e28AvOfZWVScxPQMwbR19T5D71:rT4rw6RkdIiabINR19T5H1
ImpHash	-

\\?\C:\588bce7c90097ed212\1049\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	45bd2f47c797ff88cbad0d2e3a1661ea
SHA1	cf805d2b452648defb01148e8013a282ba340fd9
SHA256	ebe7797a5282b6fd51a44a66d48671bd3528d4d23810e369072992c260a5b092
SSDeep	48:rdp4Ua3WOGH0vteTomhqh3H9CPsgpmwHBcW1n1:rT4UaGUv2ot34sgTt1n1
ImpHash	-

\\?\C:\588bce7c90097ed212\1053\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1053\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	75.86 KB
MD5	b3b1a89458bec6af82c5386d26639b59
SHA1	d9320b8cc862f40c65668a40670081079b63cea1
SHA256	1ef312e8be9207466fbfdecee92bfc6c6b7e2da61979b0908eaf575464e7b7a0
SSDeep	384:4w+optBSCVb5v6iMSsCtD7jjktDhHfLSGM3zD0q0Xt//Vvcinnl/06N9mGktJsIO:QqtBSCVb5v69SsuD7jwDkqmGeJsoON
ImpHash	-

\\?\C:\588bce7c90097ed212\1053\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a36466c19e392bb509722cded528577d
SHA1	27760e48ecb021a87db0166ee7aa088f36943ed7
SHA256	94bbe7b4c4aee00e6bc558e61c3c1db0498ac18cbbd2cc48cb4a938e9880d882
SSDeep	48:rdp4eO1nWtykOTfRkjHvsp25pfFRuJ+YOf+dSlKrs0IA91:rT4e6WtykIfyPy25pNUggsTe1
ImpHash	-

\\?\C:\588bce7c90097ed212\1053\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3b186020a1969fe4e29fb4f61aa9ba31
SHA1	05564e36e1cc56a929b7e108e62b8ece4bb59fb5
SHA256	14d178d985c979cb6d9069925983901d800b7c67d4bae6e8581775f953bbbc9a
SSDeep	48:rdp4PugPZEMlXgXyPCMaxnFu0drH6axpYjH1:rT4PPZ/XgXyrehrHJxpiH1
ImpHash	-

\\?\C:\588bce7c90097ed212\1055\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1055\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	75.02 KB
MD5	65e771fed28b924942a10452bbbf5c42
SHA1	586921b92d5fb297f35effc2216342dac1ae2355
SHA256	45e30569a756d9bcbc5f9dae78bda02751fd25e1c0aee471ce112cb4464a6ee2
SSDeep	1536:bM8DL5YHRL87mlQg5IgrbGZzwOS8Frc+iI0jJNJ7rtRpUR:bM8DL5YHRL87mlQg5IgrbGZzwOS8FrcS
ImpHash	-

\\?\C:\588bce7c90097ed212\1055\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e7f99c53dac4dcb63eedcef76ba3bc28
SHA1	7b6f5bb29b8d2ae639a66f015233a6fc62bc2fd1
SHA256	820860c972f22acd2632ddfb2dd4934ec1f09ccc63ae2d72626463a1fbaee37f
SSDeep	24:QG/zkQ40TUauNN2X01L/xjXnNiyvwgiHU7mUQrG08yZcUy5elaC5j4gDdNjnlnjo:rdp4Z/NNwOFj6cX5eBDTnVOuOAAV71
ImpHash	-

\\?\C:\588bce7c90097ed212\1055\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f69fef07e104d29380b9a6605a09bbbb
SHA1	3622c5899eddae0e6643609fb1d12997ca79e117
SHA256	e6efd85d830f5e9676c25dd4f4ab5a91da29323487bf18a7470e68d7253421cf
SSDeep	48:rdp4cNY2gqykXACMP6MYA86Yyf52xqgGe/gLwWx1:rT4cNAknMCT6f5FTLx1
ImpHash	-

\\?\C:\588bce7c90097ed212\2052\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\2052\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	59.26 KB
MD5	10da125eeabcbb45e0a272688b0e2151
SHA1	6c4124ec8ca2d03b5187ba567c922b6c3e5efc93
SHA256	1842f22c6fd4caf6ad217e331b74c6240b19991a82a1a030a6e57b1b8e9fd1ec
SSDeep	384:4w7yHdhTgqbbT1HjWZez2jtKgst+7x0x8EM5NnqQivGXU4woZukC7FQKAuXR/4mn:dyjg2z2bXXwoZukC7FQKAuXRgcJf
ImpHash	-

\\?\C:\588bce7c90097ed212\2052\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	d9ba4b2ee6389e75062d27114fe6c9fd
SHA1	cd05f5428ffca1d899fb090af49bdb09231e8b23
SHA256	7d6d4db86d4239f824e96a637a4e2ccf297d99aa77e1fcbee50633cd437e66e6
SSDeep	48:rdp4PwoQErBcI/PL06aJdwxAO3DX2hkJl6RWEQy6Bfp1:rT4PdbVLXwvJ7OTX2+JAR3S1
ImpHash	-

\\?\C:\588bce7c90097ed212\2052\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a8fbcd8b081a62f99e2ad0c53abbc446
SHA1	08f268bbf5be096c97a91e2d52068ae3f45f08be
SHA256	09115b5706c2825a3fb3176a9140c938e297013c303b0904a34ff826ad7e43d3
SSDeep	24:QG/zkQ40TUauNN2X01gj91+l8BeYHexNedc2kbPiLU9UTCnQmHLUNlL9EHl4s1:rdp4qzvB9Hebedc2kGTNxY1
ImpHash	-

\\?\C:\588bce7c90097ed212\2070\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\2070\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	78.37 KB
MD5	7fa9926a4bc678e32e5d676c39f8fb97
SHA1	bba4311dd30261a9b625046f8a6ea215516c9213
SHA256	a25ee75c78c24c50440ad7de9929c6a6e1cc0629009dc0d01b90cbac177dd404
SSDeep	384:4wdLPpRgMjLeUueUA48DYeUOqeUd/iboeuXWpFPYOAjw/BdgysR0AmhRod30J0qf:fenekeCeRuXWpFxgJMh230JMaWs
ImpHash	-

\\?\C:\588bce7c90097ed212\3076\LocalizedData.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\1028\LocalizedData.xml.bbawasted (Dropped File) \\?\C:\588bce7c90097ed212\1028\LocalizedData.xml (Dropped File) \\?\C:\588bce7c90097ed212\3076\LocalizedData.xml (Dropped File)
Mime Type	text/xml
File Size	59.39 KB
MD5	967a6d769d849c5ed66d6f46b0b9c5a4
SHA1	c0ff5f094928b2fa8b61e97639c42782e95cc74f
SHA256	0bc010947bff6ec1ce9899623ccfdffd702eee6d2976f28d9e06cc98a79cf542
SSDeep	384:4wCGbCWB6rFk+2jP8lxtrzh1hsPN7ODPnPgQy50sJCXnofDPiv:tbCWYFrewYTJCf
ImpHash	-

\\?\C:\588bce7c90097ed212\3076\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4afea36f7e074611e344287127659bfa
SHA1	c9056559984298fd12ff7a3e652c13fc8f2e49ed
SHA256	5762a9182c82a946dabac9fb5d55485ae7e6c723f1d264e767aac12342775381
SSDeep	48:rdp4rHJGKwD057pE9+6ep2ywyCQ5kD7zFULJiSL1:rT4rIK1piep2SknpgD1
ImpHash	-

\\?\C:\588bce7c90097ed212\3082\LocalizedData.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8fec282139edf00f75fbbd5e0d25ad94
SHA1	dce08032a72406ac386c6e38cd51ac067d3a9a39
SHA256	7e357e367639014e8acbffa2a3e95738944722378f74af4655dbfcf2d18b042d
SSDeep	48:rdp4D268AK9Hfxa9CFFzfb9hITrca1elalue/lYWn2D1:rT4y68AirzcHqlajnw1
ImpHash	-

\\?\C:\588bce7c90097ed212\Client\Parameterinfo.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Client\Parameterinfo.xml (Dropped File)
Mime Type	text/xml
File Size	197.07 KB
MD5	eb9d318bbea1f384a78ede1d1051f47d
SHA1	ecd4391fe00d9bb73964456af15fcd94db676cc0
SHA256	73b29a019c1821304c65a30f338db2747b950ebcc0e65c02cff39a0166316a72
SSDeep	384:wYQH0RbAGiYNVrkT+8TodTBltw11VTvcL1wCiUj78leRqmH9Hej2iXWKMNGIe9bs:w2RbYoVQTLTQTDFdPknZ13GpPcbrIl
ImpHash	-

\\?\C:\588bce7c90097ed212\3082\eula.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	bd8db805f13f879dc4adc146b8158cc4
SHA1	d3a443dfab51f48bad203cca26204237cac03dd2
SHA256	93efb8907af923acba638207c32f9dca66dc19264bd43f1401f2027fea081468
SSDeep	48:rdp4tmrhOyocSu2vHbyhODNg8T1C1gEui81:rT4Q1mcSRvHOEDN581xq1
ImpHash	-

\\?\C:\588bce7c90097ed212\Client\Parameterinfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	03896648fcb7fa5dd727a6b59d797b2b
SHA1	f023615a8450faec5b2d43cb626baeb76206c517
SHA256	cf8a8221266811f38c2b8282945e5324c6f814b15158bef3b1f1efed2bc4affd
SSDeep	48:rdp4knw4gLwEUOTMRMaGADHcLmtefUWste4z1:rT4kwHLwEUqmUCFe61
ImpHash	-

\\?\C:\588bce7c90097ed212\DHtmlHeader.html.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	bb09c8baa5ba951a63936320db7c864a
SHA1	d1da273105278310ff25991fc2de94b68a3428a5
SHA256	46118b7aaae370811b6a90972b0e62ebb64e16264db37a8d575347fbd7eeaa71
SSDeep	48:rdp4rSlLvmY/1xXcbzNACfl5FYMUhlQQbvgFoW3eO1:rT4reLeY7XuzNnf6MUh6kg7uO1
ImpHash	-

\\?\C:\588bce7c90097ed212\Client\UiInfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	cddac8abaf6caa21ab499975fe7df090
SHA1	fd7de0f0c220b46a42f1f42ec974dd1adf703f61
SHA256	cc90680071bb2c9c345caf8302bc18c091bd7fed6156a72148e7cfba11df0745
SSDeep	48:rdp4eSsC4pKjea8W/ONYGWlF8pvsb6dXSKFLj4E+ezekj1:rT4ykj6WaYv8DCKFLj4PezRj1
ImpHash	-

\\?\C:\588bce7c90097ed212\Extended\Parameterinfo.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Extended\Parameterinfo.xml (Dropped File)
Mime Type	text/xml
File Size	91.13 KB
MD5	4a61e563a344188e3fdeb19c25197710
SHA1	bdd1e1774db4cce9d5393882b61f1360826c1dfa
SHA256	7e682bdf51fac1b3991e6e6330bbf5e7c63060053a8503daaea77ab5cd70888a
SSDeep	384:tYDmmqzP4JUaGMLiqedW0XeeUnG3GPcbrKFl:tRTaBG2PcbrIl
ImpHash	-

\\?\C:\588bce7c90097ed212\DisplayIcon.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3a2bae5eb4e18457647451f96619c67f
SHA1	d2ef198bc7b7de3895009728bccb30cfff63113b
SHA256	bb743ed286b00a6db9a0765f84c9aa8dbca75ce1c77a76b61b1f58153b8ecb6f
SSDeep	48:rdp4KpcFCXVkYPObHguJU1o6cMKi7QtTqiOIbt9Jm1:rT49FCXSYP0XJUVjaTquk1
ImpHash	-

\\?\C:\588bce7c90097ed212\Extended\Parameterinfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	42204da5ffd237c5b019c69e7ac04700
SHA1	1912b773f76ff3d10c1ba8e323cae16361b2bd81
SHA256	d2c1eb4e51a7dd5002e18175c1f842968b2257d3be26d4f0ecf7951e459bbce4
SSDeep	24:QG/zkQ40TUauNN2X01WEiGzlIzj0NnuRXJBhMZIROyFuq5/EoTUFhKpQ81i6GEN0:rdp45l8j0NzZWOpboTUFhgi6GWgueD1
ImpHash	-

\\?\C:\588bce7c90097ed212\Extended\UiInfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	cdd6e1958d3c5279afd8975548524bfd
SHA1	0b2cfc8a958b43239c2fa5eea6b7f4fd877c166b
SHA256	d56947bcc489d6a9abeb7d753b235c5ab808414e9bacfa862b5dec8ee644bbb6
SSDeep	24:QG/zkQ40TUauNN2X01hel9RlP56BW86fdi3I0CAix5WdGlD8A/rczQlQLlnNAO2Q:rdp4y3RV56WSB1mKjAOzLZE5YKU+Ts1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Print.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Print.ico (Dropped File)
Mime Type	image/x-icon
File Size	1.12 KB
MD5	7e55ddc6d611176e697d01c90a1212cf
SHA1	e2620da05b8e4e2360da579a7be32c1b225deb1b
SHA256	ff542e32330b123486797b410621e19eafb39df3997e14701afa4c22096520ed
SSDeep	24:dOjNyw2aSGZHJi4U7Wf0mDX+QF7s/AemFAh:MjNyw/0NW9DOp/ANC
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate2.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate2.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	8419caa81f2377e09b7f2f6218e505ae
SHA1	2cf5ad8c8da4f1a38aab433673f4dddc7ae380e9
SHA256	db89d8a45c369303c04988322b2774d2c7888da5250b4dab2846deef58a7de22
SSDeep	12:pmZX5+9wQaxWbwW3h/7eHzemn0iLHRp5c:Md5EaxWbh/Cnt4
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate2.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	89a7a5a1b95f45986122481803835b2d
SHA1	e3a932211f738dfea6485ef6b0230556d9144d31
SHA256	ebbff80497322911236236cd5f003f088c9ae25f421565ca693fcf3bebd1da1d
SSDeep	48:rdp4e1m5y6L+wLJ9yEm3RmwW4pBFP0AT0JBNL3COL1:rT4e1Onam8Em3Rmw5FGyOL1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate1.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f284d34d7f0fd7c700fbf9d3425daaf0
SHA1	e38c5a07f6ba5405044a13a37ee62b1a66f5349c
SHA256	8302db8c6ddb930f34d23d7ff7d3c43aeca6632e786bb3f76c3dc26896fc6f3c
SSDeep	24:QG/zkQ40TUauNN2X01LB+6bI895CnhKx6o8qlbr4olV0RbE0wMd20ja/bUppbd+a:rdp4555ChQ75Z6RwMEJYbs2CcKg1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate4.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	283c190b50470fe35c49d7f8457ea6f6
SHA1	3176d968e774581a48b4fef2a6322ca9afd23429
SHA256	9b61b0be051e068bd6061502fc825b742b4254423305f84d636a4247d8b93f73
SSDeep	48:rdp4AE+0tfsni4xoaOcPdI6ROULQ8lCM0LX1:rT4AEBBoPbUWV0D1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate5.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate5.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	3b4861f93b465d724c60670b64fccfcf
SHA1	c672d63c62e00e24fbb40da96a0cc45b7c5ef7f0
SHA256	7237051d9af5db972a1fecf0b35cd8e9021471740782b0dbf60d3801dc9f5f75
SSDeep	6:kRKi+Blqkl/QThulVDYa5a//ItEl/aotzauakg//5aM1lkl05Kaag2/JqnHp/p5c:pXBHehqSayIylrtBg/bk4AgzHRp5c
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate5.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7167da3aa3cb408ee0ab51699512137c
SHA1	b2f045db868e91caa1f801956287b2974a95cddf
SHA256	9bef53a695de8f6b1f655d84ef2c2c53b5924293c6dbdadee3e94058a98925ed
SSDeep	48:rdp4hGuRC2w+vYbYT8FJUXncqyv5OxL81:rT4hGekvbYT8FJ0ncq+1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate3.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate3.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	924fd539523541d42dad43290e6c0db5
SHA1	19a161531a2c9dbc443b0f41b97cbde7375b8983
SHA256	02a7fe932029c6fa24d1c7cc06d08a27e84f43a0cbc47b7c43cac59424b3d1f6
SSDeep	12:pPrMIMxPWk3AyORrabBQ+gra2/MXWM4xfQHRp5c:1gxPbXlBQ+gr1ffO4
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate6.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Rotate6.ico (Dropped File)
Mime Type	image/x-icon
File Size	894 Bytes
MD5	70006bf18a39d258012875aefb92a3d1
SHA1	b47788f3f8c5c305982eb1d0e91c675ee02c7beb
SHA256	19abcedf93d790e19fb3379cb3b46371d3cbff48fe7e63f4fdcc2ac23a9943e4
SSDeep	12:pjs+/hlRwx5REHevtOkslTaGWOpRFkpRHkCHRp5c:tZ/u+HeilBh/F+Rd4
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate7.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6da17a0bc0e4cb58da64de4d87c928d9
SHA1	c2b6707e3f68feb5fa58f759fc698acfaf6ea535
SHA256	969b78e1228993c1679cfc835faa5a3a00599c922d9a87b74072d2f7ee8c542b
SSDeep	48:rdp4+lrsGNGwG3m+ahekHbtKoC+qSDkvCCy1:rT4+lrsGN5gmS0btpqSg/y1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Rotate8.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3f24dc3d5b03c33822b694a2e1f04418
SHA1	4b34cfe3348cadf9adf138448e1af04f22f1f546
SHA256	bccecdf0c9158942d96e78e797f83f351e3b07db2be885169bed01da64e592de
SSDeep	48:rdp4QY9Id/2K25HeL2+Tr5fGldgv2UUk3l3Bu1:rT4QY97r+LBHoCvykU1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Save.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\Save.ico (Dropped File)
Mime Type	image/x-icon
File Size	1.12 KB
MD5	7d62e82d960a938c98da02b1d5201bd5
SHA1	194e96b0440bf8631887e5e9d3cc485f8e90fbf5
SHA256	ae041c8764f56fd89277b34982145d16fc59a4754d261c861b19371c3271c6e5
SSDeep	24:Br5ckw0Pce/WPv42lPpJ2/BatY9Y4ollEKeKzn:h6kPccWPQS2UtEYFEKeu
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\Setup.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c30aafa219557cfbccf061656e0381b3
SHA1	cd48372ca1141798aa7935437f2ff67448f5d2aa
SHA256	0df68ad0b2a02e03ee55af7a13c75f45735fa4100c3b7efec70e7a7a9cfb8a3b
SSDeep	48:rdp4o8ayvp+FQvOtg2qhem329r3K+eQNy6i/Ece51:rT45azFQvOtXFmG9r3CQNy6i/Q51
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\SysReqMet.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\SysReqMet.ico (Dropped File)
Mime Type	image/x-icon
File Size	1.12 KB
MD5	661cbd315e9b23ba1ca19edab978f478
SHA1	605685c25d486c89f872296583e1dc2f20465a2b
SHA256	8bfc77c6d0f27f3d0625a884e0714698acc0094a92adcb6de46990735ae8f14d
SSDeep	24:MuoBP5lj49s9NRDe4LakKcTM8cv99uGzMN:MlFH3/Ri4LaN3q
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\stop.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\stop.ico (Dropped File)
Mime Type	image/x-icon
File Size	9.90 KB
MD5	5dfa8d3abcf4962d9ec41cfc7c0f75e3
SHA1	4196b0878c6c66b6fa260ab765a0e79f7aec0d24
SHA256	b499e1b21091b539d4906e45b6fdf490d5445256b72871aece2f5b2562c11793
SSDeep	96:uC1kqWje1S/f1AXa0w+2ZM4xD02EuZkULqcA0zjrpthQ2Ngms9+LmODclhpjdfLt:JkqAFqroMS9lD9Ngr9+m7bxpXHT5ToYR
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\stop.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e8438560908e2bb37352c29b84f766a7
SHA1	0125c3bce5555dc001eeec5422bff7943d5a4646
SHA256	5e1b77145949e98ee6ca6bc90af9404ec3027be8efd6e13b005a148fc94b2ad9
SSDeep	48:rdp411k3OjgQe772cQaSC4VYALs2Ib3ul4ZwAA1:rT411BeRdSxsXbe+o1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\SysReqNotMet.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\SysReqNotMet.ico (Dropped File)
Mime Type	image/x-icon
File Size	1.12 KB
MD5	ee2c05cc9d14c29f586d40eb90c610a9
SHA1	e571d82e81bd61b8fe4c9ecd08869a07918ac00b
SHA256	3c9c71950857ddb82baab83ed70c496dee8f20f3bc3216583dc1ddda68aefc73
SSDeep	24:u2iVNINssNQhYMEyfCHWZZ7rTRrbWjcyuE:uDW871fdZ1lbWjME
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\SysReqMet.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dcd955521da8bca81cb9879463199059
SHA1	a766ec55a9b856d3b08f65b7ea4d90e8bfc75729
SHA256	7b9e867a681951d7d89abba6a21955b25eaba0afd7af8c91e97447072e07dcfc
SSDeep	48:rdp4BPgvkAi/x2mmq1fVdGdkx9uAOHud5i1:rT4FAaMC1fVdhx9uAYa41
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\SysReqNotMet.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	403356dd6557d05d67dbc76d314fc92c
SHA1	10b401ee570e1b678fc4420aaf72f7eb5e670db0
SHA256	890faf0fb51139de822faaa63982b7eccc7614ecb304a0d5bb87da95363faa0c
SSDeep	24:QG/zkQ40TUauNN2X01gopHTF5W4FnYH49bDBsykDLiKMwYqvFX6PigP4JqunvaS7:rdp4eeWqYY5KMK9YigPUquniSKRfC1
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\warn.ico.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Graphics\warn.ico (Dropped File)
Mime Type	image/x-icon
File Size	9.90 KB
MD5	b2b1d79591fca103959806a4bf27d036
SHA1	481fd13a0b58299c41b3e705cb085c533038caf5
SHA256	fe4d06c318701bf0842d4b87d1bad284c553baf7a40987a7451338099d840a11
SSDeep	192:USAk9ODMuYKFfmiMyT4dvsZQl+g8DnPUmXtDV3EgTtc:r9wM7pyEBlcgssmXpVUgJc
ImpHash	-

\\?\C:\588bce7c90097ed212\Graphics\warn.ico.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	28136343e3f179f9716bf468d3c0a49c
SHA1	96ae87e26569f31b3e7bbad687bc55142ccf7b4b
SHA256	3fa864e0cab4a077c27752d2a18b28bceda7890a5c8e6d0c7def4adbad83ef37
SSDeep	24:QG/zkQ40TUauNN2X01gCeNV6XCHVbzPljwc5N9X38rlQ0TiwgulVAeV6qls5pC3I:rdp4egKPJH8rliwZ1Vxlsy3Zty1
ImpHash	-

\\?\C:\588bce7c90097ed212\header.bmp.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\header.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	3.54 KB
MD5	514bfcd8da66722a9639eb41ed3988b7
SHA1	cf11618e3a3c790cd5239ee749a5ae513b4205cd
SHA256	6b8201ed10ce18ffade072b77c6d1fcaccf1d29acb47d86f553d9beebd991290
SSDeep	48:f0sO8Kdwc6o5NF5ghwwpnMOccFpscGqfkemvIQpQK/xHiggTfGRgVC0q:cMa1krnrJmdQ+EgyfG3
ImpHash	-

\\?\C:\588bce7c90097ed212\header.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e7fc90d34b5732cb151436c7e9514f97
SHA1	e9115f35ad84eafb25615badffa253f6cace1da6
SHA256	ab94dd125bacfe9579322e51c1a90fdc5dfce939902f04120b1deea8356d5c67
SSDeep	24:QG/zkQ40TUauNN2X01X/jlsWl8CC7mEqGLHoQe6lEZaC7TijLQfyp4MDo8AlMyqS:rdp4Jln8CCbqiHo1n7ilCMDcSu1Sd6R1
ImpHash	-

\\?\C:\588bce7c90097ed212\netfx_Extended.mzz.bbawasted

Dropped File

CAB

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\netfx_Extended.mzz (Dropped File)
Mime Type	application/vnd.ms-cab-compressed
File Size	41.13 MB
MD5	4f892641325829a6e6ca30f69d16a065
SHA1	6b612b0db563b728bb8fcd20a9b4e40ed057961c
SHA256	19c7eab7b6703d311cb5fc0cfae6aaa3e5f23a5484f2aaecbfce30d090ef3fe0
SSDeep	49152:nqkOFSX7xpSdqU6tLnvVqSK5G22mDgBOOmeGGiU9Erqkbnt7QTr5+Oc2EI+8dd0o:HtZKH2mALErq2nt7rvfI+vZpfQ
ImpHash	-
Error Remark	Could not parse sample file: Could not open archive

\\?\C:\588bce7c90097ed212\netfx_Core.mzz.bbawasted

Dropped File

CAB

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\netfx_Core.mzz (Dropped File)
Mime Type	application/vnd.ms-cab-compressed
File Size	173.08 MB
MD5	e1662609a047427e438427841c86975f
SHA1	f4867c4b9ce3d6a61e27a413a7d130539d82b888
SHA256	7337790f41d70663ecddd9502359cb53eb8e86e2f8900fd53992e9716d526308
SSDeep	196608:+V04YyKSBXZ35w+KBK2KJKDcloT46ooP8ZNoz+hK12RP1O7lT:r4Y7qZ3CwFISoT46ooP8Zyz+hm6Mp
ImpHash	-
Error Remark	Could not parse sample file: Could not open archive

\\?\C:\588bce7c90097ed212\ParameterInfo.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\ParameterInfo.xml (Dropped File)
Mime Type	text/xml
File Size	265.67 KB
MD5	7213da83e0f0b8ae4fea44ae1cb7f62b
SHA1	f2e3fcc77a1ad4d042253bd2e0010bcb40b68ed3
SHA256	59e67e4fb46e5490eee63d8b725324f1372720ade7345c74c6138c4a76ea73d9
SSDeep	384:EYSROAGiYNVrkT+8TodTBltw11VTvcL1wCiUj78leRqmH9Hej2iXWKYP4JUaGMLi:EFROYoVQTLTQTDFdhaaot6PcbrIl
ImpHash	-

\\?\C:\588bce7c90097ed212\ParameterInfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	745e4922bf25cf18a18d993b988fee24
SHA1	4528e69c1b4577b50b5c4a3ac9b23cd35650cb53
SHA256	f4dff63d2ff01f70656706969d88e191a41132ee5223f79c61f3914b83dd1424
SSDeep	48:rdp4tiQeBHM304PR2MqU9cy8lQ5UMOhYua35tHTi6TlXxuo1:rT4Reh808eCUcuq5NTJTlXko1
ImpHash	-

\\?\C:\588bce7c90097ed212\SetupUi.xsd.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\SetupUi.xsd (Dropped File)
Mime Type	text/xml
File Size	29.41 KB
MD5	2fadd9e618eff8175f2a6e8b95c0cacc
SHA1	9ab1710a217d15b192188b19467932d947b0a4f8
SHA256	222211e8f512edf97d78bc93e1f271c922d5e91fa899e092b4a096776a704093
SSDeep	768:hlzLm8eYhsPs05F8/ET/chT+cxcW8G2P4oeTMC:1wchT+cxcDm
ImpHash	-

\\?\C:\588bce7c90097ed212\SetupUi.xsd.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ccf2817a173d267485233d5da79507ea
SHA1	c7e4720f9a918ae570244b070ecf8ab03a397222
SHA256	23321dff2b0797d79da97256971d22c995a73965809056d12ca34bc0a6855a28
SSDeep	48:rdp4iDy8JWrZeq9HK99dLz1SIpEuxgl8f+fOv4kaD801:rT4iDy8IVeq9HKZ5vEuxgef224kaD801
ImpHash	-

\\?\C:\588bce7c90097ed212\SplashScreen.bmp.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\SplashScreen.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	40.12 KB
MD5	0966fcd5a4ab0ddf71f46c01eff3cdd5
SHA1	8f4554f079edad23bcd1096e6501a61cf1f8ec34
SHA256	31c13ecfc0eb27f34036fb65cc0e735cd444eec75376eea2642f926ac162dcb3
SSDeep	384:G1o2kgxmJGEsU3pP28+Qq1ms68/tUqHUlHGwM7bwv3ETbFrS:kkpoapTbimsqHGI
ImpHash	-

\\?\C:\588bce7c90097ed212\SplashScreen.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dbc599357680a8e480e03f72e9fda54f
SHA1	7393ad7fd2f278e49445579a836217f101d9ecaf
SHA256	ed246b5ae066c399d45a85450487db2f9786c7b93e2fd22d26e293aea981de35
SSDeep	48:rdp4jNiCtfYQwTbGbAmRhkHyKTlImOWbaA3inH/D1:rT4pilDbG004aAAr1
ImpHash	-

\\?\C:\588bce7c90097ed212\Strings.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\Strings.xml (Dropped File)
Mime Type	text/xml
File Size	13.75 KB
MD5	8a28b474f4849bee7354ba4c74087cea
SHA1	c17514dfc33dd14f57ff8660eb7b75af9b2b37b0
SHA256	2a7a44fb25476886617a1ec294a20a37552fd0824907f5284fade3e496ed609b
SSDeep	384:VqZo71GHY3vqaqMnYfHHVXIHjfBHwnwXCa+F:VqB
ImpHash	-

\\?\C:\588bce7c90097ed212\UiInfo.xml.bbawasted

Dropped File

Text

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\UiInfo.xml (Dropped File)
Mime Type	text/xml
File Size	37.99 KB
MD5	8b8b0a935dc591799a0c6d52fdc33460
SHA1	ce2748bd469aad6e90b06d98531084d00611fb89
SHA256	57a9ccb84cae42e0d8d1a29cfe170ac3f27bdcae829d979cddfd5e757519b159
SSDeep	768:24UR0d5vssgP7ZgZ/vSguJQvFQXvDINJh6Fmhvk71sO0Nep3UL9Eu+dOtOcOdOjY:24UR0d5vsTPuZXQYQLIN/6Fmhvk71sOR
ImpHash	-

\\?\C:\588bce7c90097ed212\UiInfo.xml.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	504ea0c62ce25957fd1124ea471bbdcf
SHA1	40f7088fc11972704c4275f4833b2eaab7d43df8
SHA256	66a864280340949c540900193f8aa6e1b1225571c40a60a60a6a2cd0a2174733
SSDeep	48:rdp4LlFHmK1DFMGojzNigvX+pk0AK/hVMnccp+3IS1:rT4jHLFJo3NigvXMlVWQ3IS1
ImpHash	-

\\?\C:\588bce7c90097ed212\watermark.bmp.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\588bce7c90097ed212\watermark.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	101.63 KB
MD5	b0075cee80173d764c0237e840ba5879
SHA1	b4cf45cd5bb036f4f210dfcba6ac16665a7c56a8
SHA256	ab18374b3aab10e5979e080d0410579f9771db888ba1b80a5d81ba8896e2d33a
SSDeep	768:QKUpOeBmAj72KbvEvffvCv7cTIMUHuRzHA8X9H51T9ho4xw7CgB1:QKULmAfbvEv47cIHzE9vo4SuU1
ImpHash	-

\\?\C:\588bce7c90097ed212\watermark.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	af8f518e4d6375024fec9843f008eda0
SHA1	a7fdb7ae343f1153153a95689190e9de63c91b8d
SHA256	7991b33ec18298dfbfe9be138d088d79e2d947e8717f21e2d961c944c01ef0ae
SSDeep	48:rdp40mBGIwKwkhBtr2tP8hjaYQzhAbrLXJOpXB9/41:rT4VBGIwKjpQwjaS+b41
ImpHash	-

\\?\C:\Logs\Application.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Application.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	8d8baedc47b6cb852ad7b4d851e1899e
SHA1	5be068cb15a2da5fdcf8e0b431cea97afff45655
SHA256	27fa108ac47050081133d4ff8b52b878350156c12a98e6f97728bba54ef59383
SSDeep	768:xHIz8GFMIxEkigqJqAczhqbIkq6cqiqdqCIXIuqCLIHNI3R:48xIxEzcWcouR
ImpHash	-

\\?\C:\Logs\Application.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4016ff3601903260b8b05ae61589012d
SHA1	a75f9af45f669b475880fe1528c170f69860e87a
SHA256	c0d3438f30051e17ab3fc99aa835284f672fa17bb66fa7cd31860c4d965c5f5b
SSDeep	48:rdp4YTx3KdbyyBXcCTJVblhYqMf8+zoGTIujuE1:rT4YTx3KdbXhZ9VnfMzcGDqE1
ImpHash	-

\\?\C:\Logs\HardwareEvents.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	bd13888166e4d3e1ed988a9601a554b1
SHA1	f3c3e4e5d1c98f0c8613e00b8009174f45e4d811
SHA256	624e07bbcd529211c648875ff23529b98e40fa04dc026f54fe6d2d3e8dd7f0ff
SSDeep	48:rdp4FUTXn15DH4LsdoxWLFs9jEkz0syM3GH1:rT4FUTX15DYLGoxmYA++1
ImpHash	-

\\?\C:\Logs\Internet Explorer.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	71877ee0cbd7b773e7d9cca81e4cb321
SHA1	9349d05e9b53f6bc02fd6ff0e4fbe0c88e6e8184
SHA256	140fdecac0134c2842371053a6f76d7e059e3c35a0a8bbae455f661b3ffd74df
SSDeep	48:rdp42glYxp0ByrXPcYyyZgBJYwB0uhCV8d141:rT4qv0BuEYH6BSk02bW1
ImpHash	-

\\?\C:\Logs\Key Management Service.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b3150ce5ec77c463b0557ccce5e7f520
SHA1	23ec764cc89da55b6c025610b5e5b78070f88279
SHA256	a6753f847dc2c3e8a9a0b8d8877e7cd0b2cdb7842b084e6df7410766b258f536
SSDeep	48:rdp4I5IbiSrJ50ewbuyAw9ohYy2xUHNfi28R1:rT4cI+SAewyyAArlxU428R1
ImpHash	-

\\?\C:\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Client-Licensing-Platform%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	ce35e0470fa711eda1b015bde5084717
SHA1	8d653216da944e19fb8102000baf6e4e2a290619
SHA256	9327afc6a7549e7b16446a1dcb019bc2466c4622d325ee7ccf9d161792a0dd20
SSDeep	192:bOV7puQ7YYhgHqdXptK45WlR3TsaICbHtUOykATnRQjdG8yKg2GqFShdW:bOheYhgqdXptKHICbHtULkATKyKg9
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	aa08a4f41448c2ac668ed8d8894b456c
SHA1	81366cb64a77a1d08cef19bbe0edf79637140351
SHA256	9e5c86aa62ea2fdf8309b536c28a1648cb80e09f7bf6fe5cf886cc752c556cc5
SSDeep	3072:NZTZKPJ5r+5CJn/X3dlvwrTzt5AXqtclb7vF1rum/lZmJauFMbTZ08bD1p5Qv6wH:NV5G
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-ApplicationResourceManagementSystem%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c0de05e1779b7adefe59e31e3f2a26a6
SHA1	329b9f5b719d82ef97cc8c9a53befe5d9c5e0126
SHA256	d1a8c24ae7361f10af0abe3749e0875db981c74ea814679b07b730868efa6e32
SSDeep	24:QG/zkQ40TUauNN2X01dsj+UrFdJwVrG2kSlZvynmJk0jU+uLoDG8WFDTroXtkTsQ:rdp4nerFgpA/YGGkT7I21
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	39c54923d9b8dd252f71c4c9a72484c6
SHA1	3fe5c148f86d12d29d64671c5013016ef783afee
SHA256	0c1447a0bbfbf8d25345c19d12817673a90317f29b5d9baba64f34c0e001d41b
SSDeep	48:rdp4B0k3l7rAE72bbDMNIPkowQvI0jlIdRo44gqPBC51:rT4B0kZdaiIxI0jlqO44tpi1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	c62447926f9b3d9af290002ed7511ba1
SHA1	bda7a5738fe8eb26bab1c52a1cddd494faabbe01
SHA256	3124663902138a02229759d88b129e3c5aea4b8645c418528eb345558aa7d1b7
SSDeep	384:GhIYT4Y2YnYKY4YjYXYRY3YoY/ulYaY9UYCYOYGRYXYCYsYJxYDY:GCuiQ
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4MSI and Script.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3c49a956ce8858bf3fa718bbd18614d4
SHA1	6ff3c93381d98f8388737d35157b2054a7d50400
SHA256	17fff4453784f9345b0a67a90e9eb843389b767d9deb1b778d0df3065516a6c4
SSDeep	48:rdp49DDZtZGCc0abjggh0MawdN4tHTD1VG1:rT49HNGClgbawwtHHG1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	03392b198ac3404af0545c79c65c69c6
SHA1	6759277b5fd2e496d9115e8015b0c5bca078d0e0
SHA256	71f86974c694652a8123c07f922fc4e698f6c0ef115fef7016b8806410cd6d6b
SSDeep	48:rdp4niJsdXqnFL3qUDbvzn8R7wLp5ObwyYe5xs1:rT4noHJ6ePn2mObWe5xs1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	db2802bdb42a726d0d7607f58acff078
SHA1	f3e90dae7dcedf0a3373488fc40709057efe4814
SHA256	28e3f06dbc32b5305d6792f1897dd60aa0a4c755d291ccb4de33fb7e2b5ab1e2
SSDeep	24:QG/zkQ40TUauNN2X01aevqFpxUBsuMOw50SanVb6zgOYryxall5jFeE8RwF+QzlR:rdp4vvqDeBBRvVezgOYryxa5j0v+1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppModel-Runtime%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8d806017b0ab86770d88d7b52ea4b800
SHA1	e474d0e950c770f9478e553d912e8d8accc53c23
SHA256	31e752e5a8db6711232525a30a36e3a30653d91ca8cd7596444932ab151783e2
SSDeep	48:rdp4axNlq1TPkAnKTgkSmdSjNNGJWgPAsypUZ1:rT4S3q1TkiZCSjNcx5ype1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.07 MB
MD5	1646c7bad118531da301130e0d530499
SHA1	ac62719d0f6721665b23f15aa38784680cfafdf1
SHA256	71cb4b5fb93cda61eb9af06e0c82c93418efebda7dbf1b2c38b9bf800f605f32
SSDeep	768:ut5eUJYnFP6TPSZR86f0FCaWc7BsivBDSBYHjPY7p+1/5TV0zx1N2aw:IJgdT07GivBDSyHjA/zx1m
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppReadiness%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f230027d442603743cbcb645dfba689f
SHA1	12dd156769b316f80a66592312ab4a1b2c60d147
SHA256	e2ae2f07e5eca2cac2224fec443a1baa38eb859a62dbe0ca0d9e4c49830be516
SSDeep	48:rdp42I25d5lqVF/orwemlfzV7cYdbWccvni0EQ1:rT42R5d+VFcgJaYBW3EQ1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppXDeployment%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7b0609e743aa4931c41285285e665d9b
SHA1	71fcb9a01f2217a75666b0f82c11351c47b94471
SHA256	d37dd3aa144a9ee861439cac68688a79bc967721184e1af229432ac60e4d02f5
SSDeep	48:rdp4M+1Twhk9GO/+wWFkOe0AyX4stIU2HfnHZ1:rT4ZAhOm1kOeOo872HfnHZ1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	2.07 MB
MD5	66bc1d8c1de13e1d1ab8ee6ae2ce013c
SHA1	7ad16e427765d99a1b854244d52f20d438d41420
SHA256	1b6abae2e4905abaec242995268ef3340b3b92876c8666ed1a2e304d5ec74e55
SSDeep	3072:yT8ZfIXU4bgUzJCANS7ebOKXQbwkqBYxbJ1OAzLU5vQ4LkTK2JNiHim5WN/jAQgw:U7cPT
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6f6d1c08ff1e5876583a1dfa18ce806b
SHA1	fc6dfc83f6918763a74d3b768a679764547c9d99
SHA256	b1bb558582d04a079c548267ace2a709372f38de6d14e6993ce6cba3b506c5a9
SSDeep	48:rdp4E4ar6H4GmQOOcL+MdZQ1XWvlPu5K5O1:rT4R4GmbOcLrdZq4GKM1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4ed66e05c68e2e9a1c1b74dec04463b2
SHA1	9dde97547cc52b3f3bf5ebbeebf9e28eb07999ca
SHA256	c84ccb4576a3aceb195788731190801de737d5cacacf9241881340285ab898d0
SSDeep	24:QG/zkQ40TUauNN2X01GY22u1Ecsm7ZotLeXdxK+LI64AoAJAK9VSTpAFWg4ERQss:rdp4oQ6V5YZKr+KiTp04iPaW6JC/cx1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-AppxPackaging%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	f8880919bbd41ad6e6e897f187197dcb
SHA1	cced2f89ca6477620497c08a77f74cccabe680d6
SHA256	20ce189ab956e1a1546a46084cb7c36eaf43d00bc78ec50a8845da3c6ea103d1
SSDeep	384:VhM6FDIjFksFkkFkkFkAFk4Fk8FkIFkwFkQFkMFkIFkwFkgFkEFkUFkkFkAFkgF4:VFI2LjjfXbnPvrnP/DTjf/f7rXbb/b
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	de7334e09e02051705c8620fad3a9dce
SHA1	fc17dd0340a65dcec1b1c79315d7616bbbc3b15c
SHA256	ee25ba63e5ef4a24de791c685edbf2eece15d076911f1a495f3ef35b5950bc0a
SSDeep	96:cdRNVaO8FoUy66eKmDfyPSy66oyP+Guy66rN9:SV7yjeQjDGujo
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-BackgroundTaskInfrastructure%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	71100b5b49c156437c405c77757168c6
SHA1	9444bbcff5df14c678b95e30be06faa81e20e204
SHA256	76e67b79f2b03ad79af0502da6a3b3b957dde37c797f77f99504da9eafc97bc2
SSDeep	48:rdp4e13dt4IgGDElQ/U3yEEuKdKGRn26YiOr1:rT4e1tvhFkEXKGR2ViOr1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	cf3e0e701fd61249758d3fda8b92614a
SHA1	8abb23448f5cfba0e4c67961dae602ed76a90a9e
SHA256	bd5d830f4ad4888b0c8941f9ddc68e3a6386e105163e5fdca3fd542eaf4f3a50
SSDeep	48:Mtr1pW5lf0rP+AQNRBEZWTENO4bnBnzoMS1Y1/MKrelm1Y1Wgv6lI1Y1/twkKkIh:fRNVaO8FoMSGVMKrRGL7G9UD8xGQVD8
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dcca940911d7ee956bd606c19e46f025
SHA1	c21ee9fb9689f42698f91bdd1f43dae8ba480520
SHA256	a7782193ff6b628c6f7298cbac8523604dcf26bd8ae9498a8c29f92adb0e6536
SSDeep	48:rdp4S0E8VmMuUnHSSt+bFHpxBsXUbw8LOljrrdYk1:rT4S0FmMuUapxBsEbcpYk1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	c0afdb107ccb31f656a2e748689b4fdd
SHA1	a021e4ef5c1eaeefb886cd31d861a13c5064bcc8
SHA256	c38a1beae58e4b4b3fcdeca9bbc86259a3a81033d2e0a1ffccc66cb8f6674216
SSDeep	48:MtSWstlerP+MZQNRBEZWTENO4bpBY5oM2oSGrVSGr1TiclBLSGrVSGr1blXrSGrm:AKNVaO8OoE5V51Wo5V5195V51y5V51
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-CoreSystem-SmsRouter-Events%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	85d05208d72870d2d7775bf908abbeb9
SHA1	16554834c1cf0aa1accba6a64e4b4705b8a52c40
SHA256	fc80f62ab68312ebce4c16daf5d29a352276c83e34c01b1a2c929aa911ce5107
SSDeep	48:rdp43xDRwt75wtWlb7whUWgk1yCDgw5wlUkA7ZjKGv1HoglH1:rT4BDiJ5o4wmBpujR1lH1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c6c30abf52e5709af5d58bba97233560
SHA1	952f5cfb09b489985e7a3b4cf0ddfd7e4ba19890
SHA256	88d81c4067e36d04ca5ae3590fac1c8cde5b9718ba28dde485199169b95e9371
SSDeep	24:QG/zkQ40TUauNN2X01ZOehNy4pf6X5MnMZHdq8o5GK2ocBlygaIoxUevSFY3nd+x:rdp4jOkyEIUMzNXlmy1FwtzXbo1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	72b32435aec0c7f1ea2617bd5bc60522
SHA1	13928a27a7d6f72a68b71b2cbf8338428b9472bf
SHA256	4b3f6de1690ad07c45d5f596358921169fdc37550f9bbceef356eb68b6a4671c
SSDeep	96:J9KNVaO8Ooehu89k/2pr4LhyMEhm9hIdrjj3E2h:J98V7bhuVq4Lh7EhKhcvRh
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ab57f804021c74815ffaa24e90b516a1
SHA1	226561febae4394879f5b13ae4a9bdbac86618e1
SHA256	6ff6702a32a25503056de68100bf7b20bb88ae809cd6dba62edb935b85099d81
SSDeep	48:rdp4GDnlQ1WNDOfV0cqjbUSmrtd8mfHK71:rT4GDn1N00c2bKu1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	0fef4115fa05550c2a3e0da130cf584b
SHA1	457dca239566d4dfd54edba0770f7ecbb9f32bfe
SHA256	1012c91fbd87bf92898a1071bd6eb06d9526000aa531c1777a4a5dd513b6e225
SSDeep	384:Xh3CIhCklCz6ClCCoiCPSCLfC8tCY0C/ECkLCzBCf2C4aC8rCL9C3UCQ8CrnCchi:XcZzfm5sH1IehGLxLivV
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4c9c71df7b87a24d87ebe4b3dd614333
SHA1	4cc53edabe9b29ded85a7f4c3b4417016be8ca33
SHA256	d094c28922015d5b0b998277e26c67e93d261065ea071c6b76551eb886e46603
SSDeep	24:QG/zkQ40TUauNN2X014lffWTavz52W/x1xWTA0tWWA8AXPc999QHOGhmAerqDh4e:rdp4ylffnzo+DWXtYXC99mo4LPFsLz21
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-DeviceSetupManager%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	5acc083d24e49ceaefdac526f90a2c9e
SHA1	4f30b98b973d2fd01c8e328deb943f4de10272d4
SHA256	a5dc2b25a06faaef6a66d5a4af3fbe8a9f576b20dc9b9e3d2c60395a4bc6b56a
SSDeep	48:rdp40B4iTbjfw72jl1EBF/cKf+SL9m+venFQ8bV1:rT40B/3TC2OFEKmA9m+venFQ8bV1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9b5203861427dae8c3ac633cfbaac7bf
SHA1	5605a40b3df2e722029746aef2c99aa150ef6b87
SHA256	171170b1e13d91a8aad29539c41d93b2891423f805e634268e2df037f7962db8
SSDeep	24:QG/zkQ40TUauNN2X012IloMy5On1PbSi614emJcsWKGIC6K2H8M4eFbNM5CmV5eX:rdp4sIz5Pb36qJcstC6KQVRFJM5Cqa1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	fa092cb783c0500d17cedf9982cb5b79
SHA1	bdea7e2c60f476bacf51667c6b5d4e30fd376ebe
SHA256	a23ccbd323b433af69ffed2b23ab39f95d7fe219bca9a89e9c0006874fb6bd48
SSDeep	24:QG/zkQ40TUauNN2X01hlmjAmd0a1hltE58elL1ONjKMioIbU3PnOK03nmk2YGj7W:rdp4QHvHJ8nMirUvi3nmVYoZK1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	55d3385e56f4c3f9b8c39798202bb8b7
SHA1	2f7fa5a27ad534628868f6936c265d418eae9619
SHA256	9b85d90ea7352007f5bc591017240bf9f31b9123b198c2f4f8b8d4c5d702a84d
SSDeep	96:3wgvRNVaO8FoGcsNUZycplcOVkcOVrcpVcOVf3cpFYcp:Ag7V7wcsNwyczcOicOxczcONcUc
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	04494a0a40afae8746110cc1e5b406f9
SHA1	af1d286df2952e46012b62fa5e49515592598c30
SHA256	cd2f9376ce91cfe4273adbfadb6ef45162f9c17893ecd287748d1405c56dc2ef
SSDeep	24:QG/zkQ40TUauNN2X01X4GNSohclCzra+jVwja4gE7qPi/1sIbxxzu6V0UJEcE77h:rdp4l4SSvCnlCouqPittxlu3+EyZweO1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	ae49c0fdb736c9bcbacc3be2a7f47a9a
SHA1	3b94e45f960a98e6bbc88417b6f1cf2e97476ced
SHA256	74dc23c122f57a713ad487d0aed974bbcd2bc3268e96195160f8aa143469ab6b
SSDeep	384:drhUESE4eE7EuyxE31EBmEMoEWtERiY+Ea4ZQJSEhEvxHENEEE7YaERnEDEwREeX:tUvyc+M+6YdDjLsA4MV
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	50eb1f0fbdba12e2ade1327c2568430e
SHA1	3b3cf8a8b5abaa1758c643bb17a262f9f62ab867
SHA256	6e687c29b40eea5a1f743cfc8042156ee44912f974eeca4bec7c5417e9d7633c
SSDeep	24:QG/zkQ40TUauNN2X01rx0WaW4IigP/KFA64T+fliS+pf6uZtBqEoe1u94X37OSDA:rdp430i4IigP/KF1a7ZtBJFX6o/ySi91
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Hyper-V-Guest-Drivers%4Admin.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Hyper-V-Guest-Drivers%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	5ab3ab501f7c38685577a3827e49e463
SHA1	6d0f80b9b35e64bef7618a7f02d287970d41b1ba
SHA256	3553ed0136ce96581f8ca4a31ef0cf2df83de46d783ceae681effde5a026ccf9
SSDeep	96:cSFKNVaO8Oo2SqPRSm/Srjj3EYSqPRSJSqPRS:N8V7PSoSm/qvDSoSJSoS
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Hyper-V-Guest-Drivers%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	79028397087de0002af2eead761831e0
SHA1	ea4256f379901ff10d7a53dfe77aa8e01bc6de35
SHA256	75a78b2519a4ea4c097941e7651549bdf1ad73c691934727e1d9b5d0a3aff534
SSDeep	48:rdp4hA0Zuira74MdMrlkKMD74ClPmTjiPI1:rT4CC5aN6OKM4Hig1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-International%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-International%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	86ffe70f7375713c3f4cb4611f774252
SHA1	edb5ea36a45b03a4dbd775df7731c92da12ea0e1
SHA256	ee98c485ab4134fd37d79e547231a4fae17b7abedf71f6647ea71b74a3fca053
SSDeep	48:MvpzpWflf0rP+AQNRBEZWTENO4bnBnzoLukAcxGWtAdawQeLkAPdafMw6GMeQM7A:wKRNVaO8FoKkJxUVLkuO
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f195ca10a22769e24b252d25a334cf19
SHA1	d161f061c230811ad6810a68bc6d013082775f36
SHA256	d72e9942b5137db6aee14eda9852e2f8d9d4f3e6d2955e758c980a46be62c80b
SSDeep	48:rdp4/Om0VbSEmkbK+9NJ+j9AiuLNtOVWptVGpnJ21:rT4/Ome31ukNJ+j+Npz821
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Kernel-EventTracing%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	17698343f3b8d399681542a25821e4f9
SHA1	38ceb68392399ca4a6bd2f947278116c323627af
SHA256	e387ae63eba83173cf95c2ca977f76e93e398c21ee65ca768565d1c08a518842
SSDeep	48:M+H3WRlerP+MZQNRBEZWTENO4bpBY5oNFOKvOKiVcC7nm6R+:ZfKNVaO8OoNFOKvOKiVxnm6k
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-PnP%4Configuration.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6f778545435fa8e35c70dfb2734b41a6
SHA1	2e7cbd51a8f609315d13713f159df4494e716a25
SHA256	27ac8565a2098a0ad772cc63af0de46ed344b9e47faee9137e8f7d578b81bc46
SSDeep	48:rdp4RyzRncpgjxPUK1lXAvRIgm8SxNRrT0c+Nl5j8X91:rT4RUc+JZlXKmlNRrT0c+Nl54X91
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9cd7e9e86aef270e2489ca481802b0a0
SHA1	38141d6e68aab04070f8d909d5fbb432c9451baa
SHA256	9d292b29e6143dfe4422431abfd677f0287664adbe1243bab1a0630a58810ba0
SSDeep	24:QG/zkQ40TUauNN2X01p0F8VV+fa3E0wS4AENKdI1AC9pNYEcglfQZqxczsQlVMYJ:rdp4wGVcfa3tFeucxLM8wjLAsWaPL1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	5532ee2a73373ac01aa81016df9ce24b
SHA1	d11fa6ba909f2220a4c093a6a1c120f4aa91d993
SHA256	60a6004ff79f855d5a647c1ae3ee550c29faaf562f71fe2e6405acbeeaa77b1a
SSDeep	48:M+3CWJlerP+MZQNRBEZWTENO4bpBY5o8OuLBOusgQUQffDT1:pcKNVaO8Oo8OqOnR7d
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-ShimEngine%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ab77466917c7ea9577fdf27075af04a3
SHA1	53fde373bbdd9e313917974428847c4af5389fce
SHA256	9f81b2f7eab3ef6bca884787bdaed9f9ecd36b9a250346c63abd319cba2900ca
SSDeep	48:rdp4NNRbElFYLlys4gmLigL3gS7FJASP3px1:rT4NslSyrticH7FJ7Ppx1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	09bd02930856bc31c4e49861d0f257ce
SHA1	c504dd6db1de65506c2797734e838ff5a459a943
SHA256	6561e44385e13dd1385278a48bc091f68e1dfc10e06a9411523c5a3f721caf61
SSDeep	48:rdp4WlCH6rARBolALzKlI0Udq0hwAIFe1r9y1:rT4Wl5colxlxUjwAAem1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	acfb0f5996aaf345a8db7a82c0caa093
SHA1	1647940d41ab325e58e64af847f5212a80186cf7
SHA256	24b4398db0fd3d2225f6e3bf9e6dff96a83e61b27a95b2e77779779fb932eb58
SSDeep	96:cizcKNVaO8OowOROhsI2QtAPExPER+D6rjj3EhORObPEHPE4FUOROMPE0PEdW:L48V7dIqsI265GNveIDc1IKt
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	2c3a615585fe7a0353570b3809834147
SHA1	0a69adfa6c5d192fdc005e9030badad1f79c438d
SHA256	4e9ff3306b6270a4a8ba1d035af499a78ec285379cb77537a142ac03af1a98a6
SSDeep	24:QG/zkQ40TUauNN2X01g82YAjeHPxy06cYUt85mVw0NW60ssBMGMEXP6DY5F+tcNp:rdp4eO8MPx32arNxJGNfhSSMFQ1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Known Folders API Service.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Known Folders API Service.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	6de33a6f75a0304e528827111733bfa4
SHA1	1b398842d9bbad5be539d45bb60501d2762dd73b
SHA256	1925b3197d54e91e5d5b08778b149d6f662edf68907b0d997f7a68e577c26e89
SSDeep	192:iG8V7EOPaxSNvJZOPKROP8sOPEiOPcaOPsOOP3uOP:+hEOPaOTOPcOPnOPxOPVOPBOP+OP
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Known Folders API Service.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	360f549796060e46dcda4f2aaca12b68
SHA1	34601dd29927c7b7238a7208881eda51c25e2048
SHA256	74065938ebe4790574683d39bf7c0d9cdce9630c9d8e506b292b3d35c5f4019e
SSDeep	24:QG/zkQ40TUauNN2X018sCykQBjO1cuVGCQiYZd5QK4lL6q+3LoG4uS4XWDfdFeLx:rdp4qsBkQ/jdOK86b8DVBQIg1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-LiveId%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-LiveId%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	e843c04d9ef3040c42847e2df4a3dcbc
SHA1	e1dc96f34d03dced7cac6526698fa65d2cfaa7c4
SHA256	43826a25b53872122bd0bda8de54f68200ed18a7140593eb103fe3dfc665fc49
SSDeep	384:Ihua5Iza5Ga5Ca51a5ua52a5cea5ia5ua5xa5Da51a5gza5aa5Ka5ba5Da59a5un:Ie6
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-MUI%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-MUI%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	022c0989dc5f262e65c8125bf4b43ca8
SHA1	b687f0de6a12b105e45eaf801a2e9141b6034791
SHA256	7521e79e1d2c4ed8ecdf429069fd55e5fcdaa551d91525f7bd164ed1924ba8db
SSDeep	384:ih+Xd8XolIXAvXwX2XwXiXecEXyTXXXvoXSXvX1AIXsPSXACXhXXXBXXXecFXyu1:i4zsq
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-NCSI%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f003dc8b835697c31e89a80a8f0af2fb
SHA1	7a4c2ef384e2f304af515b2dfeb321f045ded7e3
SHA256	88982dedbbe6de82b0e3cd72656620292ce13d09312cad3fb6ba247f086746d9
SSDeep	24:QG/zkQ40TUauNN2X01srGQo8TfP3/Xlps4Xyx77eh2gzrP4J3eixoTvX7vAjmqbp:rdp4Asw1UN703P4Jt0v7AaMzQK6Nja1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	76d0ac1d345349f40fa787a5835e2a69
SHA1	7a634473ceb5bba233be2c6de83e8bab01f0afd0
SHA256	f9947bb186a88b826c0d7f27dd1f40432b6b16a0d1e752d163d68b76cbf36f6d
SSDeep	24:QG/zkQ40TUauNN2X01hzIiQalZycHyh0e6W4uNIlj9DXHt68EQJMlClyxPmJkqWh:rdp4oVaZW4AIpoHmC2Gc+0bM47/Q1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Ntfs%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Ntfs%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	d6f7445d9f9d50503e080cb407a15f68
SHA1	64041771105a6beca8f4ae540537c56f3a270abd
SHA256	694a2ac26a73be3105de3132bc9385b7b5392aea0df77819b200bdd2283d676c
SSDeep	48:M9SmWplerP+MZQNRBEZWTENO4bpBY5otTIJ5Xz7cPflmXHLP7j3E13dISkb3zlI:crKNVaO8OoJIJ5Nrjj3E1tIlRI
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Ntfs%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dc0a2f33c1334e66369255d6b0d4a84a
SHA1	3f14b751358ea357b435d7a332f66d1d054ffa91
SHA256	a0ac0b3fafff306fd9ac9b3bde34b5fcb240910304f62e1e6c8454719d911b5c
SSDeep	48:rdp4+Ey1iU/CSDWNPWST+YvTSHpOkRUm9aNLH1:rT4+Ey1iU/9WdWkSJO5SoL1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Ntfs%4WHC.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Ntfs%4WHC.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	4171979151d7c48dc4e30fccab5248a9
SHA1	bde60fc68c2d689a464d5762c82fb2d10519cacc
SHA256	c090262463ef8c5b404cc75ed4d8aa92436132f0cef2ffe309b79292bb2f2b7f
SSDeep	48:M9SIWZguMlerP+MZQNRBEZWTENO4bpBY5o75IgS37lJCXHLP7j3EkDI8FJ2I8:c4RKNVaO8Oo75Igcrarjj3E8I8P2I8
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ae89d30f36a6422e887e62e416fdc859
SHA1	ed1f28a282c6ca87d4d69b8e2cb95d9a89fe40d8
SHA256	7b928262d1d95d181ec691fd12d422e58c0804def076874a290224ae52856013
SSDeep	48:rdp4QvlLgWeW7v1TQKbyLyU3PvheSSDlT9F6f1:rT4+gWx7aKbVU3PpIDg1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dc0a0cdcc7a98602df53b0e274e0ecb4
SHA1	07b34251aae676f429b3c77b74af79f17129da88
SHA256	01dddabb14cf96ce262162bc5afcef5c4eba776357bdc79216ef665764f812a8
SSDeep	48:rdp4cllLRK+elbCCY2A4F7OWq/vhr/Bb1:rT4cllQTZ5OWIl11
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ad2b8355edb00659759dbafd2f27dd60
SHA1	38e9d94277f915000cd4a8e86ef9fc2a007610c3
SHA256	02d16cc56b54df80179928a2656d6dd31fcb9232bf56de2722466cbc4d13470e
SSDeep	48:rdp4EaOCx18a95YSMKPYHiX8SNTrje+sOAE1:rT4EaT1D5YhqOpSJrje+s9E1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SettingSync%4Debug.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-SettingSync%4Debug.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	00ad576b87f1130e84c44470f81a65c6
SHA1	9330b49a4df4e041b91867a81860a9ba774287ad
SHA256	79995e86e5fcaf8d2291c7504c73c5cea9e6a0c6fa1210016ac61e0ac59333fa
SSDeep	384:Uths2Y52Z472CV2ZH2yK2yS2yu42AtC2Uy2mL262p2s2f2J2y2i2a2L2+/2+2K2d:aC6mgWD8bJMJFIlLNv4uzo11gq
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SettingSync%4Debug.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	c2502e25e96e88a338a4b7de36cb1644
SHA1	c714eb15c53ad0241d3cb601984782b09a66123a
SHA256	0c8ac261f1a1fee08c57e0a1794d36cce4715fd73e650286c84f98ea3fe70dee
SSDeep	48:rdp4FjAxo2GmATO/l6TlQI4hKtw7HFI0ZEzm1:rT4RcGpuqV4hbdem1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SettingSync%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a47a8461e9e3ff9c81647575ea7ab21b
SHA1	f01aa0b92e1512b90a212c581c25e909dfb2d4b5
SHA256	40087949b77a1992ab6457df8fadd22facea329a4bc4b5a6248957e3a4c4cc79
SSDeep	48:rdp4ppsbBlovavFT2KKgXW7/x2Tvhqd11:rT4pebTova5lZG7JCvod11
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3929af7e9a57740c30fbaf89d0f1fce1
SHA1	841fe808402d9a51f56100a11217096415a1b840
SHA256	9447cbc3a71fd4a65ea0152e30e97e3fb4847fb5e21d8eaeab81ba6f033539e5
SSDeep	24:QG/zkQ40TUauNN2X01DiEFlnh3Hx7/iTOPPm374sdaGpNDUbqyyPdm0W8juQLxyU:rdp4Blxl2EeLfxFdf/xyxAY21
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Shell-Core%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	dcb4d2504c03e9449129604da041959f
SHA1	310ab0f47b96738f9c2dadbdbdf67c31ffd07106
SHA256	ba0baa67723f55746a7343ed9ad402eec4bffc1cabb1cad546a1c4e8db114001
SSDeep	1536:CS+/H3Qulz1T0pHh9ZCLpv3fjcpdcxX0Jh/ieZ6yRoebhNkEA96xo41XWUd3195v:CS+/H3Qulz1T0pHh9ZCLpv3fjcpdcN09
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	fce2f53b5feb390f916d62a96b216efc
SHA1	ce14214e57cb9253aa9332685ea36b02cba3b7ce
SHA256	36686f4e709cd9e15d2e9f33bc05c574166edb1d037f4945817fad24218af2da
SSDeep	96:uRNVaO8FopCPCHvtOMCPCwyKCPCwyICPC9:cV7/ugYMuuKuuIuW
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SmbClient%4Connectivity.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	37d1dd9bbfa9c481f717a5e5b36ad80c
SHA1	dcc10b3b89a74506e559cbbd6aa1f00371921452
SHA256	bfa4d76a0c9140b920c6a96b8f0e8be530e8dc76a83b49a9eb4b64bd657984eb
SSDeep	48:rdp4iT4MEaDddick9GRlDPQQ6yAnDYdwqtEn6/7i21:rT4WSUin8Rl8oJdwqic711
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBClient%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	2fb206f857851218d519f2a94ec51165
SHA1	8dc0693d55196e85e2511af1ed8f16c009ed35aa
SHA256	39be53904b167aa5f6f51b5741184ffcb8554e79020941711d3de527c3e56809
SSDeep	48:rdp4mvOWJ9rpgo2DpavoWYdF2WbCft23f1:rT4mvOOx+o2VagWYd0Pftkf1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBServer%4Audit.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	50f220650be203bd95845133d0973092
SHA1	a300da980b0f4cf877a447d172dfa2dc189bc5fd
SHA256	56cdddebea25d45b24cf43c1cf009231b6b796228b1df9dd0e4941ce24984f68
SSDeep	24:QG/zkQ40TUauNN2X014YElp1yC5CUqtjaBr24sewB0RWuqW6+uVCJ/p2GzihljRC:rdp4OpTCcSL0UUJTsBRe1c581
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBServer%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	05f2b90ee93b42887846148050c168a0
SHA1	6057c3a9a1da34c69210d1de5855e23e8758098c
SHA256	cc2e7076f003a48b3f6d3f23bcd6d8f68540dad2c83c838616f24f26b23a549f
SSDeep	24:QG/zkQ40TUauNN2X01yPbollJbxwONAaYIQOYPG3FavmnNe9U0luvE1Tl73RZ0HU:rdp4eb4l8gAotV9Y9j1cex71
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-SMBServer%4Security.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	07308f84a86032c2d08ca0ffc0a6126f
SHA1	04b38428204a657d2f943406f70cd961551c8f3d
SHA256	de5c7deafacb427b5656b5ba6d98dc6d3046915ed1826be146b51387a3bd8e94
SSDeep	24:QG/zkQ40TUauNN2X01OTuIslG97qPl1jMOv7YwX8GllAv47wfixd9tydoEqsvMfq:rdp4APBRqXjMAzXBAv47wfixd9cRFQ41
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Store%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Store%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	2458a95b2377f17c7e9ae7e52a9e3cdb
SHA1	6ae5ab55997debe9a07cca152f9f366d2f8df946
SHA256	83e94c696bbd948536ed31c58ccc094b23ccf6ad0ebebd740da76e589c729b11
SSDeep	48:M+2pWElf0rP+AQNRBEZWTENO4bnBnzopCq6Co9ua5taw6u:QRNVaO8FopCRCo9d5taw6u
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Store%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9ab1e6f9ba645b893cc26e9275861737
SHA1	c4380156cf37e5b385879140ca0a3d4b353ffebb
SHA256	e8ead2518ba39e1c583d24e36bdb5a788b90e8456fc8869ef0577a54d42a8885
SSDeep	48:rdp4bCIIE4QHy7MjaEM1yInwwqpvzFBBJRwk9/x1:rT4bCI87MmEM1yInwt1Nh9/x1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-TaskScheduler%4Maintenance.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	8ca0f5d5174dc872a920b403a0966ae1
SHA1	1ff37d873485e2a0f9fcccdf69f32c991e64fe86
SHA256	480c5d1142685e60776afcaaa86aac8ad4c3ee71018c1313d8bfa0357d843ae4
SSDeep	192:GGV71lQFQTABbQFQTtxQFQTtcQFQTtwQFQTt:GGhnQFQTcQFQTDQFQT6QFQTOQFQT
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	7aa3081efd735855c9406720720d9adc
SHA1	c0b58f42e32a7629d32025f9e385293c45063c23
SHA256	784d78ced1e2041c0f4b6200ea7e8b8c0ff79b5b46b24fe9c1125a202c15ee01
SSDeep	12:MkRiFMror5XpIbZ8fkO9YMTkTQ7blAZbd3ZQbIZMlWlas4ZzzFdxODBlwsGbJPZm:MCnAmbZMlalEikWAs4ZvFDwTw7VZHEZ
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8c0ee1bb3386d4ddc979727c8785f506
SHA1	726874383c7b7ddcaabda9302f65879f1150c64d
SHA256	eb2f0a892f95aea7852194579c6c248684f3859e69a23296b9eda9dd6598f43a
SSDeep	24:QG/zkQ40TUauNN2X01J+9ByAiQmj6YRBnbpXUkk6aCUlAXXv/p8pE+TvNXo2g4dA:rdp47qyAidOYR9ak5aZOXfhuN42gW81
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	ad4f61eb10ba95167cda61a51d374153
SHA1	854c5d787362a4a064b5a7ffe544446be800830c
SHA256	1228dc181cff1a3b9b6a2d88e4e817dfa8b8d36f992b9ca1f5c3a127502ae8ac
SSDeep	384:69h5i5yigiHiTiYSifiviniTi/iXiDimiiiOiliCQiFyiNijiTiHisuiZHihiLix:2Gvnu17qGQjE
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-LocalSessionManager%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	480064b70c69116afdd925ce40dd5f84
SHA1	fd255ddde5e7bcebfa77b6e5b322f573368f74c7
SHA256	ae54c52175e3086bdc65251cc623a752bf5651a834e3fc15bf63f9b27d9bb7bb
SSDeep	48:rdp4sPIJZ85kGLGxZGsnzMs737+Os5+zB1:rT4S0Z827Zvwi+OYsB1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	2c9085d12d09c9f6dab8c36f1bb6e385
SHA1	33a3d1ef3ed8aca5b1c9c1024b33602f061e71a9
SHA256	a0a4ee2653f2e5749f32c71e9ff41f4f06946fb49330c68d2f236500f11ae498
SSDeep	48:rdp49z8DZiKgBQAQTkQ9KBfVUQXAjph8b1:rT461/uQAUkQ9SVUQQa1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-User Profile Service%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	0b1d1cf6fcbcea958fb789dd4de91c5d
SHA1	287ea48e2be896f490ec270dcdc3ad7935f8b4f5
SHA256	81d4e75627def237535285aa287553f7a339e376bcbf398a152c4f3661af38a7
SSDeep	384:bhymXmoImosmFmlmem0mdm3m1mbmemZm:b
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	790be6fc78ae96a3faffac60eebe6120
SHA1	c7027370b7b7c0238d301fbb3fc3c54a2a293a81
SHA256	5dd4db7e0935d6383b50c16ddb44424c1114ff60b19086d09a942615a82a656a
SSDeep	48:M9SRWLflerP+MZQNRBEZWTENO4bpBY5opA79o6lAXHLP7j3Enso7YLPG7:c1OKNVaO8Oo27Wjrjj3EX7e+7
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-UserPnp%4DeviceInstall.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	67ed303665dfdd221159b210cf637891
SHA1	1bb4c2ea6b5e545b9c9e4a2982ed4688f5cf527e
SHA256	9292ad0983f0429acbabe0427e110ee20ccb2e61142dd55cf48b1ca293c57d40
SSDeep	24:QG/zkQ40TUauNN2X01QsPvygK69Zl5B6Mr+7kbsxbbKClelHyVT4VZQEgyg7LlHT:rdp4ogbL7bskCl6H0TXRH+86RDD+f1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	a985e852884b6c656393e8b57e46b617
SHA1	b72084b01df6b85d4403fb35e121375d8480b96b
SHA256	da6f68016d9a79d007359e9fb3e6ca5a47091433d1b48b687b56ab4305869cac
SSDeep	192:k8V7CDiDooDiD5bDiD5RDiD51vGDiD5CDiD5LDiD59DiD5:3hC2V2Nb2NR2N1e2NC2NL2N92N
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-VolumeSnapshot-Driver%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e96e0a4a4ba9455312c1703776126bad
SHA1	d310c6a22275971cfb0c0abdcaadb3ee7640a64e
SHA256	e7ff776c8c567bc806680eb360801ba37fcc6938f6d1fb818af605cc2c629852
SSDeep	48:rdp4+ZIED0FlQQ2Dg76DT7o4z/9wB/WBD1:rT4+2EuCQkUGPVz/mB41
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	ab86c461b1fb9d3574d33990d835a1ce
SHA1	7724e34c586c48b3a2d9cdc528752657719be0ee
SHA256	c549beb9c87506e82e51e432baa5051c8dcc8be8f401418f08275c9d94d32a7e
SSDeep	384:rhPwfeJfMQjef6dfmMf9Ifxmf8HfuznfZWf:rx
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7268b2884388b73b1662a138d442c76d
SHA1	20d4e930c7706f4133214c2810ae7729b1aef587
SHA256	a38b76f149ab6b87fc521cf694563e22a35113924ced3fb3880ae7726784d73e
SSDeep	24:QG/zkQ40TUauNN2X01tA0t/l6SMVSvxDtDRDMlLuOpx0irEtkGUU5lQsWMw4XuLM:rdp4Dt/lJ1R4yKwAMwQuCT2NkWNeaM1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Defender%4WHC.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9034dfa2bdf2cab3de4b6c9cf0458322
SHA1	452958256229f7d204a160187b98312e939a1ea1
SHA256	5b60c91eaeb3d24f90d52f838db0a94e9e2fd24d5f2ecd0560cc0f5cc1092a17
SSDeep	48:rdp47S3NzM78pVfDfCpf+tFOUNgoHZB/Lr/21:rT4WdN7Lk+XVemZM1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.00 MB
MD5	732d2019f40299692bf96e2d73dafe95
SHA1	8e7c03dd2403a7edf2e82892d8918f4573867361
SHA256	5b882ffb66a5b0686dcb4a076c747be107316fedbc5a4d046743e5adede74dde
SSDeep	768:f4abJ1tryk+NN4ONE1Oaba8ysSlSpQ3uLaBzEBi2qV9l1ab:7SlSpQ3uLaBGfq
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4Firewall.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	adb2f04f353c078821f7617d3f5ce415
SHA1	12da2994ae71e9f1f3226404c4e4ecbbc65847e8
SHA256	b12c5eeecd1f5227b09598efd8df05d27ebcf4bc46cdefe6f9faf91e2676419e
SSDeep	48:rdp48dwhMJCA3hdol9SXNbq3TdGPPAy7FDM71:rT48d0ARbkTUp581
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b31ba9196b5f81ac4761a95315d62643
SHA1	2ca3ee1bd2155ad786292952d88bbe5c0d420f0a
SHA256	2f1597544469b8a9263511c4e57fa70eefeb5e6ad82dd96a32d878adfc7d88b0
SSDeep	24:QG/zkQ40TUauNN2X01uCMV0ZW6n3NP0OlGzHG3sofmp+i+Qbyx/IglVuCykkVlEP:rdp4H0OIzGjegNQ2/XavfEsyPGYKh+1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-Winlogon%4Operational.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	dadc1692d439c01f4e2aa66368687009
SHA1	75b12dd1f5871c5d62cf1c8004a5c6c5ce7ea5bb
SHA256	52e2aa9db9d71330a770ec4c9f7afd3532516297b8320e44e984e4ba81610597
SSDeep	48:rdp4lFD84lzWe97cmeZWby1QUNDfcUPasHR1:rT41lzX97cmeUe1QkDf95x1
ImpHash	-

\\?\C:\Logs\Security.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e22da255366f7bc8238b92f000b045d9
SHA1	c5c98d73059e66565151d6fcdce1c2078114b175
SHA256	574dc3fba639598cd6b91dd2e926d923e9f4947f32178bbfadb6ea55a16ec137
SSDeep	24:QG/zkQ40TUauNN2X01y0cByhdFM5WgBQDSLoNnD9xwZlsBmKpjBVPEebhXfSKduU:rdp44yhHI8SLoNZJdNCebIKbdUsqeT71
ImpHash	-

\\?\C:\Logs\Setup.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\Setup.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	31c82af62fe9bf1ddd2ef5c3251cd4ab
SHA1	c0972dd3a9d2ac1c1b84f19f403714a238d03fbb
SHA256	52446f2ac160b860f1b8979f346e02696e24c0d6eac0d3d01f03742a4f18a922
SSDeep	96:31cNVaO8FM8uCnDuJNDu716qCCeDe0t6KWVb0CD16goCk6+zbChCt16H6erC66Q1:lyV7EuuaWVb08o76l6Cvg7E
ImpHash	-

\\?\C:\Logs\Setup.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	2b616b1e9bad3558daa9fc3aa5275d37
SHA1	03b22bd6a12eefb8b991438abda0fc3f13cfc094
SHA256	8a11e73c224de7c6af46d0985f5fcc3e925f3a61b3b16a962a1990714a4885a8
SSDeep	48:rdp4A5KqaObY1KvQTszJQRY5pFZx4LGcLHj2izH1:rT4IQEAYL2LHT1
ImpHash	-

\\?\C:\Logs\System.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\System.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	1.07 MB
MD5	36325157341168fd4225b592be53b212
SHA1	75698e89f6e81896a653511b22798ab701d6f5eb
SHA256	fad664071f96a59988604eb515cf793c6fe8a4ad9686d1f469f22bef326fb649
SSDeep	768:mEnENU/Zz4vU7CoLoRetiIwmq3pgCicTlfflarTQaYRetiIwmq3pgC:xGdsiVbNe8aisiVb
ImpHash	-

\\?\C:\Logs\System.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	00bfaa2921ee14f1ed5c02ee466073e3
SHA1	1c0703472e8d5389fbea405dfd3843408db05396
SHA256	2a3b2ef035a4e452d5dae7abeea69a9f332cda04b7ca090d111170b513fb7f60
SSDeep	48:rdp40lSh2jbrlDgWhY2eULtOupW7liLXu21:rT40o055Yv2tW7liLh1
ImpHash	-

\\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Logs\HardwareEvents.evtx.bbawasted (Dropped File) \\?\C:\Logs\Windows PowerShell.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBClient%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Audit.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Security.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-MUI%4Admin.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SmbClient%4Security.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx.bbawasted (Dropped File) \\?\C:\Logs\Key Management Service.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Internet Explorer.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-NCSI%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Winlogon%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-SettingSync%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx.bbawasted (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx.bbawasted (Dropped File) \\?\C:\Logs\HardwareEvents.evtx (Dropped File) \\?\C:\Logs\Internet Explorer.evtx (Dropped File) \\?\C:\Logs\Key Management Service.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Application-Experience%4Program-Compatibility-Assistant.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppLocker%4EXE and DLL.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Deployment.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppLocker%4Packaged app-Execution.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-AppXDeploymentServer%4Restricted.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Crypto-DPAPI%4BackUpKeySvc.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Dhcp-Client%4Admin.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Dhcpv6-Client%4Admin.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-HotspotAuth%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-Boot%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-Power%4Thermal-Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-StoreMgr%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Kernel-WHEA%4Errors.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-MUI%4Admin.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-NCSI%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-NetworkProfile%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4CompatAfterUpgrade.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SettingSync%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Shell-Core%4ActionCenter.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBClient%4Operational.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SmbClient%4Security.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Audit.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Connectivity.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-SMBServer%4Security.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-TerminalServices-RemoteConnectionManager%4Admin.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-UserPnp%4ActionCenter.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Windows Firewall With Advanced Security%4ConnectionSecurity.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-WinINet-Config%4ProxyConfigChanged.evtx (Dropped File) \\?\C:\Logs\Microsoft-Windows-Winlogon%4Operational.evtx (Dropped File) \\?\C:\Logs\Windows PowerShell.evtx (Dropped File)
Mime Type	application/octet-stream
File Size	68.00 KB
MD5	a55fe49683c29388694af6ac8d49b480
SHA1	036fd2b13de53227e4effe7ec975e96dca0986ca
SHA256	b790c872a389511da32f190adf66f301283c86a7acbbbfcfe154c70858fae70d
SSDeep	3:MgAWl1lH/1EY+qfaltpRTtPl2tVRl/l:Mkf7NijRM
ImpHash	-

\\?\C:\588bce7c90097ed212\netfx_Core.mzz.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ed2a08753bcf2bbe8ba02f2e70249171
SHA1	7b8c7437316bdf869f8947dce91488676f9cd53a
SHA256	db8db5eda3a679d5f0e84245b306075fd1a5db1d4a9a9b127c002f761f29e4fd
SSDeep	24:QG/zkQ40TUauNN2X01CiLod8zvxfhjimY49VStda+NMAyAPXizbKkhN/JoAEzwQZ:rdp46IJN8iStkAPXHkhNxazwQ7vdiNQ1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT.LOG1.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT.LOG1 (Dropped File)
Mime Type	application/octet-stream
File Size	24.00 KB
MD5	c90f65d6213cc65214234d7b39debf9e
SHA1	1644e6f6c79383e2170f6a07839dea2bd17080aa
SHA256	4373dd860680027488b7542b973e2de44714bf5fd39e7238028138f1588ff849
SSDeep	192:u6kT+7zszu86e9KBbM3BAkHe1cDuHTeFDOfr:0AAqFe9mbM3BbWcDuHTeFKf
ImpHash	-

\\?\C:\Logs\Windows PowerShell.evtx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	0d5086e46173ce464236a6a222b13401
SHA1	a243c1442a7d2c431cf04540b1af4c70e286a8aa
SHA256	b72376dfb3edcca2e364082511cd6fe7964928dabec746bd8d0fbf22611b7f2b
SSDeep	48:rdp4dG2eYgcLKzAH+o5rdXmEmMRP6OpFt8hjo/Wk/a1:rT4NeYgJo5QEmLOpQMba1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT.LOG2.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT.LOG2 (Dropped File)
Mime Type	application/octet-stream
File Size	20.00 KB
MD5	021c0da773dee2b2280ca4e983281f6d
SHA1	8e69d9ad1f1edaa6bc7089bac6bf000c16ca69e0
SHA256	26dd524de9de4bb04583a56cbe6ae74ae17c6703757db083cddd36a431e78e31
SSDeep	192:KqyCrHzAzRD6gRyhDY8JeRJ1t8FMcboZ9WVYVQWmzvxJYVBwSg0b:/LUd2Uyh88bFMcbCPVQWmV0g0b
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TM.blf.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TM.blf (Dropped File)
Mime Type	application/octet-stream
File Size	64.00 KB
MD5	0e4807041b5822f343433d25545af828
SHA1	43cd21144192442d7e3491d27a0025e6b7ea02dd
SHA256	0477150008443abfa369ec50cbc7d482d281886cb1e4b452b98da861a2bccc09
SSDeep	48:WA1oXdtNZ4nwDgXRJVE4JVhj1oXdtPZ4nwDgXRJVE4JV:91ydtknigPVjVx1ydtKnigPVjV
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT.LOG2.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8e917e34c7cbdd137df14cb9aa7cf842
SHA1	84a767d8865eb09e656e124cf2154cff7265b246
SHA256	2cd50b53dcd662c15971fef6c3dee0da3c6e2fedce661df63a6df2593b5b54bb
SSDeep	48:rdp4To1sPQ6w01cMv7ktMP+FqbceiMiRP1:rT4NPQ6aMQMPJbc7MiRP1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000001.regtrans-ms.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000001.regtrans-ms (Dropped File)
Mime Type	application/octet-stream
File Size	512.00 KB
MD5	ddf9d36144cf0c4e8799134285be418c
SHA1	2b4136b64939529ab2be0846cc49b0b74b30a9f6
SHA256	ef5593366b2cbb5adaf81d94c6e1bed3218db31d38b33241df2908bb57c20261
SSDeep	3:pl0l9lXlls/lZRt1U8488l/A:LcE/Bb0/
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TM.blf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	fdb0a490776df18ee474946831da9369
SHA1	78dfe63b78457b19d9e2ed86602bbe11e96af00b
SHA256	01376c20d4e4391cedc354a92c69986821db35df1ce5cc74444078486f95ca19
SSDeep	48:rdp4KcX1UgklC0puwBItSoPlQxmJD9+RZGM/cEicoLNxuJwP51:rT4Kk2ZgTQoyxmmR4OcqJS1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000001.regtrans-ms.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	50d0fe8eca7fada062355eef9d26fea6
SHA1	480899e5dd8d3107b7517cc1bbb18a98b4bff716
SHA256	4ee737eed5a5a312994062509c75041ef96ec4d0158141a1da13f580bca31d5a
SSDeep	24:QG/zkQ40TUauNN2X01HjGGNuxLH4zKTflY1ELhKkCUNViKIAuILVrTxKEswuIuYN:rdp4Rbucgc8NViABswuIIATvR1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TM.blf.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TM.blf (Dropped File)
Mime Type	application/octet-stream
File Size	64.00 KB
MD5	86ae6b3d178900a96f587aeb868e6716
SHA1	a729af4647d01f3b8637b08175abfb80789b20e5
SHA256	af1f2692dd622b9baa195673db141f3ebaea87ac3e5f6b40c2dc5ff0a68b82f9
SSDeep	48:5rKoZqta/zmVd/z4VV/z4VwkKoZqto/zmVd/z4VV/z4V:RKkqtyaVVsVNsVnKkqtgaVVsVNsV
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TM.blf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	686a6f229430969ecbf21fde4d02f255
SHA1	b99f3f030e2df9a035a22001a3526eb1fe36bd33
SHA256	59cad2a823779028a254edb110ec278dd0445c0b56b88d950e820731c63ced92
SSDeep	24:QG/zkQ40TUauNN2X014l2+ySX5Mq3Aw+idt2dbK9S62tsbH2sS4HPqnlsbiiNe2h:rdp4ESEFbdsbmfbTynlsbRFA1wbvg41
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{4e074668-0c1c-11e7-a943-e41d2d718a20}.TMContainer00000000000000000002.regtrans-ms.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	15ed04c71cd5c208dac62863c30bf1c0
SHA1	9fb57658f8ea05c2758681919ffb309b6de937af
SHA256	417aa22d98defe38a29ae130065d6312c3ef0abcc320808bcf118c797322dba4
SSDeep	24:QG/zkQ40TUauNN2X01zhKUCRJI7Pol7I/AgfYze72kZyGtuGZlR07yToMOfCeKQm:rdp4/KhRJS5/tYz9APZ+ubO2i11JPyp1
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000001.regtrans-ms.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000001.regtrans-ms (Dropped File)
Mime Type	application/octet-stream
File Size	512.00 KB
MD5	bf66f22f3fef6f2b50a70204db53dc0d
SHA1	444a0b3a035aa9f65afbbbff66dd94044298226a
SHA256	d3cad8d2d7ca16fea332842d9dab13da1c0e4f12835a6b6efb91d80c3606f178
SSDeep	3:pl0l9lXlls/lZRt1UdxlWyQ0/lA:LcE/B8xld/l
ImpHash	-

\\?\C:\Users\Default\NTUSER.DAT{fae9930d-933c-11e7-a51d-b808901d6c9b}.TMContainer00000000000000000001.regtrans-ms.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4550c6a1140b4157cf01624025e3226c
SHA1	885d1b83f0163406c4a697dde6e14f083a2ac6a1
SHA256	c0b6fb950d5c35fbaf3390043f8c0790b3e489876b7f1ec10d002e5214f92e92
SSDeep	24:QG/zkQ40TUauNN2X01fBj9wJdmxLA1B49Y19iz49SlU/OQ4H1b2ElMfgafQlgy0E:rdp4VVKjmxm69Yw4EqiMCM4B3Ndn9Ft1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\2-xf4UsB.mkv.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\2-xf4UsB.mkv (Dropped File)
Mime Type	video/x-matroska
File Size	40.87 KB
MD5	28102261560e1df42795eb9a68acd75f
SHA1	b51345a2b69c812e08cc0db512b557ac9f7ccb92
SHA256	af33c11a6014c351242a65f1731f1cddc274f04c4eb540e6e2786503b75b49f8
SSDeep	768:yPIBFfuSEhI9mFp7EEBqJAQTTDy9PITCRqVs6REGcF2QMIbu8jYfxavA0CXaG:yPSFrEW9K7EEuAgGFImsVR+udGA0CXaG
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\2-xf4UsB.mkv.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b69597c21ab8fc54e02f7e53d72c4249
SHA1	88c03260fffba696b39c751f1b135a4ae44fcb96
SHA256	6dfc265ed49d0f09cd0ab0ea67a01fa332d9e9d1452ec2bf9acac9a1e12de5da
SSDeep	48:rdp4fu25mi42iB52uWxyTvUmhRQRVaoTD1:rT4fu25fyDNhRmooTD1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\4W2-HxdmmPUru.mp4.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\4W2-HxdmmPUru.mp4 (Dropped File)
Mime Type	video/mp4
File Size	56.11 KB
MD5	bb4c6f80f576425d8eb39c29cd1a030f
SHA1	daea938af4f429c665642386120539624be5de7e
SHA256	b99b5bca540f3826758f9aa2ce931791d47fbee94b299bd1c5147a3b4da8a35e
SSDeep	1536:onjL8a4WaJ8mQINcpEbNj7EZpRBe5dQB3HmOb:gU/J8YNnbNPEr3fb
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\3GMvM-XW.odp.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\3GMvM-XW.odp (Dropped File)
Mime Type	application/zip
File Size	89.54 KB
MD5	b7055880459daefa668bbeef9cacd841
SHA1	f00e54212814434311decd7e2a472f9f152d9020
SHA256	41226fcdc52db0c9ea791f6d5c1004e25f456a87b09c9debe9b0253ec06d97b3
SSDeep	1536:HRh4MtZyYIqKkaWlOdG+AOAwtOHV/5yjKRfBfTVZqzHoy6AUqLT/:xCMt1I8aVWSON5fRftVZqboyIy/
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\4W2-HxdmmPUru.mp4.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b7afce3dce0533ddf69bcf23454d1c23
SHA1	c57832cef3a0b0bf1a71804bed995f0fa8e58b89
SHA256	2180c22da303c1cf09f7a7df268c348c970c483b020a706f582a33020f98a180
SSDeep	48:rdp4y+AurxQptB73DxF4eK9ur0yqJYbRpxdGkG1:rT4yFJdD1rsIRs51
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\5YB3PmkbOzi6DyRf8hg8.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	be69d04262ebec88c37eca84dca5d8af
SHA1	06d48bad8fc35fc0a61f7a72c89feb4454126fe0
SHA256	e750752cd9fe534a1a3fe72b513ab4ed33f961d440edff2c709fb3bac4738c4f
SSDeep	48:rdp4KbTna8TtD4qM6d0OAHJdFZ+meONrJ6h1:rT4KXa8WqMgl+H++3A1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\892r7Wt7HyBxi0b.png.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\892r7Wt7HyBxi0b.png (Dropped File)
Mime Type	image/png
File Size	65.85 KB
MD5	5bbd10b020246e4539ab8ca068b65aaf
SHA1	a07f7fb011b541e74a686ffe8c97537d51ee6f59
SHA256	bf73a64a896beeb1e5caa12787c025bf2aefb5bc7765e4bf6dc4ae5b55141149
SSDeep	1536:GBkZDD/41h6pYZgTK+HgIGOE/zlE8qVxbY:2yb4b6pH37E/G8qV1Y
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\892r7Wt7HyBxi0b.png.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9f0828bd9d211b85600a9fc7ca14edb4
SHA1	8913acbfe936f83d9355087e7a7e25be13a75021
SHA256	5690fae300e4e5f23248ebd4c766ce3d3db73aa48cdae8b71e078b5ae5d8eaed
SSDeep	24:QG/zkQ40TUauNN2X01LJMIsV5L/CKDsASl2FgdMFKHYpbCc4MUzLhQkQRDY2fglR:rdp4JJSLL/JDs3AgdB4pbSMcQYl1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\hy0GJF7zfW.ppt.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\hy0GJF7zfW.ppt (Dropped File)
Mime Type	application/CDFV2
File Size	14.04 KB
MD5	0d309a33eca3e355497e152b78b6c5b6
SHA1	97dbe710ddc23d943634a29035fd538b00181029
SHA256	b657a37b6d7f70b33bf43ca8452b49e0f46f54ff4cc417e0fc9adea70ca8d9eb
SSDeep	192:4zfPbryyTXcS0zlr4HItSdBM/3dyuVZQGOJuDQhopCzfDHfZ/0JjgMjCUIHvakP/:4zbBglSdBM1LamGHfGJjfWHFPAw
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\hy0GJF7zfW.ppt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	714b5b95d0cf6385ad066d9ba9bc6417
SHA1	3a36a62c2feb0d5901fdf3cd06c80b547b9cbf77
SHA256	0b685217a20891031af6891c9d4cd3c462925e6a9ed059abff33555904864f5b
SSDeep	48:rdp4XsDDUK1vVwXzJZeyholGLktKFLnR1:rT4XsDFvVwXdDoYLxFt1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\i G6AmFq6B1SN 4NgF.mp3.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	528aaf88afd7065b02d49155158eed29
SHA1	6f62d18bae815782d6d2e786d55e22fa172c8568
SHA256	e4e7472004e0be76a3a1e35bde1d8f7cd7795df674518b114b92bcfa97a73f4f
SSDeep	48:rdp45i9vkKiy9Tbwburk2eUU2xcAqftsvyQ1TH97Wr49Y11:rT4MVfT3eN7kDH9ir4Y1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\I7A41yPTyH2gM d.wav.bbawasted

Dropped File

Audio

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\I7A41yPTyH2gM d.wav (Dropped File)
Mime Type	audio/x-wav
File Size	8.46 KB
MD5	049273ceaf351d2d53c0e79223a488b4
SHA1	e0588e554bdeb179269476ac93f1da2eb69164d9
SHA256	db2cc96c7999834e5757dd3c79a255d048800b3c616e233166343b1ddafc4592
SSDeep	192:n3jUi+3mUOxVQyZAAcbE/5B88gOFqIAcZDVYoAOYK45sZ4EIwB4:3GmUOxa7Ac+rRFpAcvA3soy4
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\lTa-CKjc0uMl6C03pW.swf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	da15d00d308869ea71a39da2faddf333
SHA1	f891c0b34c3785f38de2f7989bda080250498b23
SHA256	7eb9ad6b1e64835e00c0df7aa536bbfb80402f69b52cb72b2a81e0155827d992
SSDeep	48:rdp4QvTdff0ckOz/NCYgGnf5al1ekk5yVtXT1:rT4W30uxConf5W1b1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\I7A41yPTyH2gM d.wav.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3ba0a73592b4ede231036fce97d10fdb
SHA1	2c78d077fffbc39f79d8eddc828f1753353f1877
SHA256	f333a23ca843745c9fcb0b1df6396aa80a8a5007522c3b127f7df920312cb612
SSDeep	24:QG/zkQ40TUauNN2X01pifl3/3K++TV+ZS6pK6O+kxSuhitJryrv6h4QFCWB2kng5:rdp4jiNITVryKxSuhitJGAoxyl4krSH1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\q vx.mkv.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\q vx.mkv (Dropped File)
Mime Type	video/x-matroska
File Size	10.86 KB
MD5	48f835325a1153e50787c84679be2eca
SHA1	01e4c08655a56a80a23635cfc6e93303cbc7c85f
SHA256	1bbe1e6d4edc611339e8ac289772e82409b79c938ba31d82bec5446bcd373923
SSDeep	192:cbO5VIfvUCTojCQuEMLPx0eX2sKmYgFVXonglEDHXcJOjjv+zYteuHKR0yC:c6If8CTaMZ0eLKgXysEjv+Ut2RvC
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\rKE-.m4a.bbawasted

Dropped File

Audio

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\rKE-.m4a (Dropped File)
Mime Type	audio/x-m4a
File Size	88.60 KB
MD5	b9f8ae56bfe995d5964f7e190a76e564
SHA1	fed601272acc03d364634fd83b3f8d6a76bbc241
SHA256	24ff12e134ed686703d8e4f62482412d64c3da4e4df436b06f09b76d5f6fbc1a
SSDeep	1536:QwQNDVI6Yedk9Bm6wPEJy875c9SVA9WhylxsqkdqpOXs/HBNY2k2cIu8Pd8+J4aB:Qh5VIvUKATBBwA9WIliqkcplZNtd8+mc
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\rKE-.m4a.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b8b9b389f3404acf9d091a8d33337e3c
SHA1	9ee9211e29a25506532e5f5f55903462da9ec319
SHA256	d2f90af8c78f2a8a339f31b7f998bd881cbe7814b6ae458299aab389704a836e
SSDeep	24:QG/zkQ40TUauNN2X01xl5MEHJGn1Wl6VYsnKhY5u0dj8Kv/SJZlXelxgY26N2HBJ:rdp4rbMEHO1Wl6VY8tDdjFsvAku47r1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\VUUkPFg8xjIiC_14bXH.mkv.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\VUUkPFg8xjIiC_14bXH.mkv (Dropped File)
Mime Type	video/x-matroska
File Size	39.02 KB
MD5	76498c50bf0b7eb685ff0d6ba204f9cf
SHA1	3c57ed8809b88519fa89b5bff87339cdce5a4682
SHA256	6ee7e8e231e270f42950614b30ed63195ac2dc970fd042454d977029c9cf607a
SSDeep	768:t0wsigD/byzah/XiL/7KPKO+qwtWwET410JeTeU7gYM:t0wsiW+zahyUKOPiWwe41ceaU7hM
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\q vx.mkv.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f6d4a2bc2dce27b6f3a3ce10fbc697cc
SHA1	5bf806edd5a72b8e63bfe038bdba6afe823643df
SHA256	a61ee7be358f23bbdd6a19bb77cbf15cbd11b816436b9dd6ab5276518dbe53ea
SSDeep	48:rdp4Qi108jW8bcPaNzZy7IwKGSMJKZnMmoOaGu81:rT4r7VdNzZy71KGS+CnMmoOz1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\y-wlGGDysKeKP8qrp.avi.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8idk\y-wlGGDysKeKP8qrp.avi (Dropped File)
Mime Type	video/x-msvideo
File Size	23.39 KB
MD5	543bb490e3674cbea6e1bf8882c9bf98
SHA1	1d226ef8396f988cfa7c31a6686eb2add92f86cb
SHA256	ec0e57fe201e6bfbb6b73a061380813b86c063eefbc24707c3ee8f3e56227251
SSDeep	384:AuxGpHJ2gYuPEgLUp0+G5NVz6K6iTGYGxgYY3o0iRcuGhgSc2ZPpLWSvuC+U09FJ:skqpRldoYGxNc9hZlFYJ
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\VUUkPFg8xjIiC_14bXH.mkv.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b700d77fb3456e00f06515b2eae09fa1
SHA1	e29849124083730a1228ec1d03c01b61772f49c7
SHA256	6ecce805acacf28c54358505234fbb6129bcf76db8433e0223382d2ff16aa6e7
SSDeep	48:rdp4nKBDe9TrE+SAciBboMXqhJcOmEohL1:rT4n7ErpiBboM8JlmEI1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8T-T9rK0.m4a.bbawasted

Dropped File

Audio

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\8T-T9rK0.m4a (Dropped File)
Mime Type	audio/x-m4a
File Size	22.49 KB
MD5	68d921b8a2345c9385ac4cbd0d218057
SHA1	7998efb7610e89fad0f6dbc8109bc8c56c1a2d33
SHA256	2fd271eb9ac154c61a6a48053252ee6e80f4a308709d63a26734c28f22df3319
SSDeep	384:6FdxNNmmmkUy3hQKtwe62CJgrudneorDYaeaTpe/+DeojEXMjFrw9+BZL3xN:KqkU9BeBC+rudeovYzaTpe2eJXMjdg+f
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\8idk\y-wlGGDysKeKP8qrp.avi.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e609e555d2ac60e3ba614b828819bafd
SHA1	9e4a5ddc1b6d77995221f3c0fa53c34f4fafbc9f
SHA256	5240e5267bb4eef5c966a855ae2e8e91643c70f4ad027e1a35ab946fca4d0ea7
SSDeep	48:rdp4tq5DCJKJg0U/DC5du58lpqF/iimjGtW3u1:rT40CkJLU/W5AD+jLu1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\AVOpHcf3wm02xwY6.jpg.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\AVOpHcf3wm02xwY6.jpg (Dropped File)
Mime Type	image/jpeg
File Size	26.23 KB
MD5	9539b81aac7622e17347ec4b24868d25
SHA1	1fc170c37c8d0b233f5838a0d8d67041dfd9f0a1
SHA256	e4f9ca6bb51b5664bc148ccb602f235d00726d28da0c6a2dae2e12881a453827
SSDeep	768:ew2Sk9oLMNIEYEe8crc/MPAH89zzsIZHZBUACzV:eoMNns8rUP1hzRHMd
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\As4kVW3Om-6GF.flv.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e641b994c17596e8c1a7d50295a555c6
SHA1	ecaa8cfdbb577d8735ec586b5462f72fde75fc38
SHA256	2bb54819d44ab3362d8ef53b3826a4ce58c589a1461b77ab532cce1ce8111d04
SSDeep	48:rdp41+9uDZpK8SqXPFzuwhf3yhKKnrc9xT3PI7UeWZ1:rT41CQZk8JK0ME1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\aYj6iZRBnapFPEU.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7c56e4283cd759abfd297093e51fa64d
SHA1	f99e53c9c1fd8070dc541d1b6d8e650ea279a0ee
SHA256	4e7b8c93625af479843703ea1071bc2208a4e926a6df36f57de14286f91ff9a8
SSDeep	24:QG/zkQ40TUauNN2X01Sl33SzxZk0/iJiueBlaloq/e0ooUUfagoADlipQO+w10a5:rdp4o93WZk0wiQloMe6dSlAD0p50LWV1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Aww2swe22n2.odt.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\Aww2swe22n2.odt (Dropped File)
Mime Type	application/zip
File Size	64.98 KB
MD5	7c6fccce5701cbfdc25da96b4914c870
SHA1	546fcac6b79ae3808ad8034c4bc0b26d7461c1fe
SHA256	4b7f29d3efc5b9f2241d72a1c4e85895687e4ce51392051a46f37943b43bc191
SSDeep	1536:8RUqzih3JL8wYW1xDOZrStdMudlMXzjPpQULrvGBWoI9YND5u3GWkHE0:k3Yp8q11ldHTyPjre7NVuqHE0
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Aww2swe22n2.odt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ada356ec8334524e58f1ab71c7f4577a
SHA1	5c6f4c097d67c705b4d7a167acd9cf3f7429499c
SHA256	a9dff534eb04cd092de1f50b6d83aed70035a9c4e2a4da05881c47ddb85c29ed
SSDeep	48:rdp4KaIdjGiX6dd5doiKwyF7OAXZkNvB2Bv1:rT4BiOKwyN6B2J1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\dSLThpYxMe.jpg.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\dSLThpYxMe.jpg (Dropped File)
Mime Type	image/jpeg
File Size	20.19 KB
MD5	27b763df6c8fa6e7091335e876b3b026
SHA1	8cf60d09454e5b74f4d0c65396194f45a454f9da
SHA256	003e8fb53c829e1f6ba58ae02da2ea27ad1300a9426f457ee9adf338c445f0e8
SSDeep	384:nsKSwJ0d0mQiBxYpp0Mexn8HZyxGrugMo6Z9E5D+WsvgF9X1h:nq/Mispp0Mex8H2GCg8STAW9XP
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\dSLThpYxMe.jpg.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	4d6b7a05231799b9a91fa28f56d16675
SHA1	0fc3cd0bed0792d4301bcb8d38f13b359291758c
SHA256	c910cfb99d20229fcb5893cf64cf8efaca6d1956d016732d4d3accf07f70bfa3
SSDeep	48:rdp4+MbzfjfGs3BdzjfmoWPalDzYAPNSXlV/ItXwtj1:rT4+Mbrys3Bpj5WPaZUAlSXlV/Itgtj1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\ECbiQJNOAggGgRDXIWvg.avi.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\ECbiQJNOAggGgRDXIWvg.avi (Dropped File)
Mime Type	video/x-msvideo
File Size	74.64 KB
MD5	0bd0534262e4a2b155fb4c97da8976f1
SHA1	3f09a262b344fb6e2b1468cb651fc083c21f1e4e
SHA256	d42b13fcdfa45abe6db32e98171670952b607d98be4b73b842df76879ae16664
SSDeep	1536:sj0kx6ZKfBKxdAquB2YlnmH0O9xEmhJspjjMtsZ1Ka2q7kFfrx8eFCT:sj0kx7uCB2c+r9Sm3spjas/Kn+8frxjm
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\ECbiQJNOAggGgRDXIWvg.avi.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6d19f30f8624c5e0bfecc5373db35774
SHA1	fac9f29899c009fcbce3ea53a27602405527e92e
SHA256	1e74b4314f02aada897fbc839ba47e1495f75b62f814db00ee468593d14a6e86
SSDeep	24:QG/zkQ40TUauNN2X01bebHz/56xmkfUtdJ1PozODgQ1xX4lTrFShmN/rg3y66IAg:rdp48jz/56MkC71Po7exolTJ8yUfj1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\fm3Aq.flv.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\fm3Aq.flv (Dropped File)
Mime Type	video/x-flv
File Size	29.40 KB
MD5	de400b8dbd7a0be2b58ef994bc0306d1
SHA1	a08d0b88f75de493c6b98e9ae9f5578bff60c16c
SHA256	ae56fb94abe282ef4d511cb9ef24580a6f9136dc054773e7fa6ba940718aace3
SSDeep	768:4yTLzp2EeT0QI3q6eawGMWNIx5Go69ycbVc:4y/wRXiKaTeNORc
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\fm3Aq.flv.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	1104fcebd7c1d7b1914e974aab24ea1a
SHA1	563069191cefd3b9256e25fa131609c632d531a7
SHA256	992e6b94b67d1829f1b1a7dab059d9195bc98101f4f11a85e1d96b6cb9b5d30f
SSDeep	48:rdp4ctTnt+Lc7pBdR/XxPw9z/TxnBda9q01:rT40TnrB7/XO9z/9Bdmj1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Gsep Gy9g8U9SV5WI.jpg.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\Gsep Gy9g8U9SV5WI.jpg (Dropped File)
Mime Type	image/jpeg
File Size	35.10 KB
MD5	8a8665aa3830f6a6eab794ce9e9dece8
SHA1	c879b81e739feebbcc1cd6c0fd1e87814a987aaf
SHA256	2ab6d9e57c82da64368cda39daae4e6b9c84d942279f3a494994911d166a80d6
SSDeep	768:4OZ9mR4Bi52vaWmhpK1ckq7AeFqqVsGRvwTPn0eYzc7MaLkj70IuAL:vPmR4Bicvarw1ckqDqhGRYoeYzunQj/L
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\fqNkaNofmvsq.swf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	2274e43d56b74dd5ac7af6be9417384e
SHA1	da4e3ab4e75a3cd54c3f4a7f578deb96dff1a795
SHA256	5b3f078fc4133201097327b06358a368a2df73553d727d285ae0c5bc58f29cf6
SSDeep	48:rdp4dflHcQvf4yVhERiiPRjUOuQHCfOTEqX0P1:rT4nhBcBPIQvEqXE1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\jyg9v.mp3.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\jyg9v.mp3 (Dropped File)
Mime Type	application/octet-stream
File Size	15.76 KB
MD5	309dc0f24a2a24c4859abba62c42265a
SHA1	59eeb003e1f6a920a8170a135ba2589c8638c012
SHA256	abd8c179239795df271b73d7e5432b5424a0782b1eaaf79c1ea0d1cde8f13196
SSDeep	384:18zPh/8WduZlyURhlCgyRE/EsIqwvzU5hPKt4Z4/c4R:1QJUWsZlyURhMgy1qwrU5cuZkcU
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\jyg9v.mp3.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	388f6dd8014d7d659c3a95f313a53300
SHA1	ea99b24800b0b523f84a54a19c45d2608ddf070e
SHA256	96c58538c7ccb419600dc86111ca0318d450d667418ce180241b129a76b3e6ba
SSDeep	24:QG/zkQ40TUauNN2X01wUTUWLPEI4Ryc2Xdh0VpQUeIFVmoT2DIR2w+lIo3GKwgeN:rdp4tNp4RyBtCVpDRfmCCJtNq4EwI1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\KKKIx0E4FsY97cXx.mp3.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\KKKIx0E4FsY97cXx.mp3 (Dropped File)
Mime Type	application/octet-stream
File Size	44.37 KB
MD5	878292f996b35049a5e2269aa28b2e37
SHA1	558284bf2881efe8da9f1eecd158f1062b697e98
SHA256	424c203614f1e6d188301d3c3f4ae172c2b3f44e9b5787d38705e7a81c069c5e
SSDeep	768:1kapEbZB/UcoU8ihJ5Uat0uKvLVZPCx0cWX4oeuXUco4F+:1nqboc6aCuKvfPCOrJe7t++
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Gsep Gy9g8U9SV5WI.jpg.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f595eac8348127e3f03833b1e5539459
SHA1	269726b46d827c6db6b8d206779c114618d7db71
SHA256	bce2d0cb3da4469d3692e8c8578ebf8a7d7f05db143dcf8afc98f4b2ca3e1097
SSDeep	48:rdp4CU/0e1c+PcidGtdXLDYC6x1sxKCdGxZW101:rT4j/0eTtdU/YC6x1s9G/Wq1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\nu9kIj.gif.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\nu9kIj.gif (Dropped File)
Mime Type	image/gif
File Size	16.24 KB
MD5	89e1f561a912b56bfb10e626b7ea8e22
SHA1	4bf771c3b46b33621868865ecc2cba1fd6716de9
SHA256	c0e34c08c75ceca8749eb1ac120c47148fdfe76f2b54acf805f9ba6dacb312c6
SSDeep	384:DAwpEaxGXO05hAzc3bYWpEE0aRDUM8MvlSnRCZ6fUCw:DAwpvCVwIjDUM/AgF9
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\KKKIx0E4FsY97cXx.mp3.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b29e2b87d6e4f582fc34c3727adda962
SHA1	bcdafd1169b5fa1ccc8c0e8be05aacf2f522212f
SHA256	8f89722ed8517fca53e903c5604bb824d3885eb448b79a17ae22c758dce94e94
SSDeep	48:rdp4v9c18LQHIUsBjnPUifYj4w00AC6OWxgr0c1:rT4V0lH5sdVfYj4DTC7Wxgr0c1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\O5 V_pS5-R96qlmtv.gif.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\O5 V_pS5-R96qlmtv.gif (Dropped File)
Mime Type	image/gif
File Size	37.35 KB
MD5	45339620955eaa85ff6307c07eb23c65
SHA1	5bdae89c58acd2cb5a520587bd5b111815d2c0b4
SHA256	ba7886fc190ce6ef3708593c89b2c4a4ba094a82239afa3cbf63578d2b0f4b19
SSDeep	768:vicYgqGvF3DH+8tfEXq29oVEbI/ncnpA6ulREWr88ntEivV:vrJNb7tfE6ooVa2ncpPulqqLntE0
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\nu9kIj.gif.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7f229f97d393427dc565eefa750d47af
SHA1	e409e28d8b6bc3a5b0338f080a30b25801014261
SHA256	05a6de86fb1bc15db9ddc1c30651f2b7b1bfd0cbe9bdd94a549ea781931d5f69
SSDeep	24:QG/zkQ40TUauNN2X01BpmK+YlhejbHwmadOU2NfRe2Hjz2BVZTKN44gkG82mlQ/9:rdp4LpmTYIQmaH6VzuVQLG82NP5fqzq1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\ovQDUkiEQ.wav.bbawasted

Dropped File

Audio

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\ovQDUkiEQ.wav (Dropped File)
Mime Type	audio/x-wav
File Size	71.05 KB
MD5	48750e9d207a40120af4b5f05b5cfdc4
SHA1	a5e6e47533e2a8d176f7d2c341a729e7ec53315f
SHA256	d7dec5ea49762c18d6cb78c608b9c945a93dcf6c0a914b773f3e68a2f0b175e1
SSDeep	1536:hDlbBF3sOUp+F9y0KIMgyNlen1DpzwiIDQbZ3/emhJdWhYKd:XL4t1gEaDpUiIDWV/eyAYg
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\O5 V_pS5-R96qlmtv.gif.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	1aca323cf1871f26b1f672a9e093036c
SHA1	07b2ec749938286d041d484154242fc9e5bc7f71
SHA256	e5e364da04af8769342b9a2b321df86b0df7afff9d89a08c2f1a1975edc858e2
SSDeep	24:QG/zkQ40TUauNN2X01AjABDvNgnPloA2bbf50WlB/NU+k8FifmNSBldPU0YNlkp4:rdp4+javN4Cbo+ifCSBldLa+BA1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\qBU9TmFTTc82vt.ods.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7a6266205bdda7d04577fa83b775cee4
SHA1	49a5340a486a988b04e4c8ecf9313e2c7fd44dbb
SHA256	515e85b737994d1bf961f7f14918efdd4a823a057f83779ab891bb24fc09e5d9
SSDeep	24:QG/zkQ40TUauNN2X012mVcn2cBmvooE85t8mpxGWSFgEvVT8YA3fpj7kc8Lupgdu:rdp4cnodD32gUPAvd7l7pgNt2j6Xc1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\PUrei.m4a.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e0cc46e6832eb688d88a6b37b2fb7940
SHA1	eb7d60e6b0d498428cfcb8e50e8dfb0426e7a30c
SHA256	d11470febd04f8f746197817cfcf4922963ff84dd49d9742dadeddecc34e8307
SSDeep	48:rdp4dr9tpB6dOpAh8C/eXVESEOohB5yPutBbz69Il/w9B+1:rT4dudc88CfnY8zHFw9k1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\qccgLISoLsmxeiwo5ln.bmp.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\qccgLISoLsmxeiwo5ln.bmp (Dropped File)
Mime Type	image/x-ms-bmp
File Size	32.46 KB
MD5	2cb4797d060944edb643d0fb71082ce0
SHA1	0a6a95633f4be7118e2939a8373844ebe9e714f8
SHA256	0f2d1f511cb1d1e8438c834eb6f58b6c36b42bae39fcda9755cf04bdac065b6a
SSDeep	768:lSS1p0bqwTeABj8nm3jFc0ImFBhQbtAxnW:8S70jCABj8wjSFmJQbAW
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\qccgLISoLsmxeiwo5ln.bmp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	431db614c62c4939379e4044dd21340c
SHA1	365a3248a6f3ad746e58f20a5210c85603c8b830
SHA256	a2e0c90fc09918f9dcd901d498718437adca635cbe7f8b03814fc76887af7dbf
SSDeep	24:QG/zkQ40TUauNN2X01q0WU73bK0Qz/VIChRBX3NRdXEV2MlOd4/TZNqQyoxzrocn:rdp4w0WU7G3NNBX9Ra2MlKKRyoVp97d1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\RbC76v5C03PlpAfXDOr.gif.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\RbC76v5C03PlpAfXDOr.gif (Dropped File)
Mime Type	image/gif
File Size	40.72 KB
MD5	1ae9b9b992c4571ccf0b5d5ff4580269
SHA1	9f4bd22a6d4a00ec0e70061774254cd3d74e320b
SHA256	d9463bcdc7e2725d47223bb7faaaf514f743575da7709ae11649acecdd681c88
SSDeep	768:3NP/kVirqDbltQh4eclGr6OtpbcTx8JXNa6kjtSK65VpvYKKWJBsC:3Z8V1Dcqe3r6OtJJwz0pYRWwC
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\RbC76v5C03PlpAfXDOr.gif.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	89f31e7bc8d1f927ec2d48ea9dce6a66
SHA1	70338a9e199ec16b1a30745214132bac1c5db140
SHA256	91d5430f95e717344f955236c2c60ce27065afb0929fc5c0ef0e05552bf9f456
SSDeep	48:rdp4R8sJFc6jtEN2JIffyF6K5cZXXlQ/4v1:rT4msw6jcJf0h5cJKg1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\S86TMJ.avi.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\S86TMJ.avi (Dropped File)
Mime Type	video/x-msvideo
File Size	16.58 KB
MD5	5278fd6c6acd2ed54fd0244d0579a938
SHA1	e94c59e671c6ba1694d4df719c022a724b0914b8
SHA256	0a0023c1a3bc7fe1d248d43086a4dee9eb2b36457eddd690d5c809d6b445fb25
SSDeep	384:6g0rQp6FKbvRsWXSTZ1KZFpl9jtJvORMouQrL78fBjTnm/bUd:9MFKj6WX3ltJmPxL78JTIbUd
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\S86TMJ.avi.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	788452c3f13844be23ec8cb2d7bc3af6
SHA1	ce4f78363e2a5f17c85ba0ea62d9fbc1610349ae
SHA256	fdd6ef7b7c840fca1d25a632f80af4a1aba1bbc4cd8a14c657923eaf56190d3f
SSDeep	48:rdp4WrN/4xv7IWx+WtgT4T0lqhJXh1UmpRl2Wo58nZe21:rT4wiDJxzgUK4jUORlfo58nf1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\skEksEAr.mp3.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\skEksEAr.mp3 (Dropped File)
Mime Type	application/octet-stream
File Size	20.69 KB
MD5	a01a7f5ec8a856f2813882b34af327aa
SHA1	e9a7f5d0877fe1dbb9eac9364e7b2e656bb167f6
SHA256	6cb41305e1a18a665a862f16754b0080e6421e830f1871b02941dace2a3cc11f
SSDeep	384:14sHCWJ71EMjIZPYEhX0GrmMiYfluGEywtLgXENWBo6uBN3EmnGR0qnH2vGvPzp3:13JxpEBYEhEGrmMh0GeHN3b33nWxnH24
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\sKPmyj3.m4a.bbawasted

Dropped File

Audio

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\sKPmyj3.m4a (Dropped File)
Mime Type	audio/x-m4a
File Size	9.78 KB
MD5	c9727896352595a11d47bcfb8769334e
SHA1	f0375931b7f41393e059b203c32f9a3f7d6f59f7
SHA256	93a889e2a743e21f8b8e1e12b70baac9dda9f3de1f46bf9c2166503897950b42
SSDeep	192:89i2KUMAwDrPwG0Ee1Yf6Uml9kDdaDDv+CZ4M0W1IvokA9uOtLLcgyFrB9eX7R:89i2vMwEe1YlDdaDaC4BWCvokYuWedgt
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\sKPmyj3.m4a.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	36949d9d473b70ba88197771466407b1
SHA1	4a1964e1080e6136bcd94d6a5a65025f426d2755
SHA256	65fc776deaf4c58fb30f00443e62d2290d2c97d3ce2d591ee73f228d576d1835
SSDeep	48:rdp4psjwnLklJ6Tv4VY4MyBkdXzdj5MJj81:rT4psjPATv4V8yydXzdj5N1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\Ti_XB2Wn6yZovs54d.docx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\Ti_XB2Wn6yZovs54d.docx (Dropped File)
Mime Type	application/zip
File Size	65.98 KB
MD5	e5ca624687c84baefc87ce2f898a4fc4
SHA1	38cbfddd9883ee1041830a748ecc7b9423e49685
SHA256	b5b1bc520c4ece4947d12884538778b40a41c4abafe944cb17eb6479462a2d09
SSDeep	1536:aY13phixQZLuRvRlVBHIrCn5rFmECPXFqA+MDkUKgq:aY13zpLu5V9IGmECPt9gJgq
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\sLj1uQw cmgJX20IgEhH.avi.bbawasted

Dropped File

Video

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\sLj1uQw cmgJX20IgEhH.avi (Dropped File)
Mime Type	video/x-msvideo
File Size	88.63 KB
MD5	ef44faddeb4cd22851e05e266f952350
SHA1	a2833da040f841b1c83e6539626dbf8a5a40c599
SHA256	4bd600bbcc40fca1170bb0c8a2996e9b11b2d7b9149355b136c2752b5fe4811d
SSDeep	1536:376CTPllG3AYSSwqfPrvtTDKUK1KPA670rMvgRHC6yk+aFaEA:r6+PlkfLwKTtHV7IMvggxL86
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\sLj1uQw cmgJX20IgEhH.avi.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	d52842dffa01149b260bb0cad9991358
SHA1	7c06bf556d74e8f2bd551802d58d7cfae329696d
SHA256	5fe59d2a079a0a13b52a964bf073b9fcdce4c2e8e432c3ca2430686a0449a358
SSDeep	48:rdp4UaPLMBgT3KAbUEbmOJMjLr52/Vs11:rT4RLMBgT1oEbfy/F+Vs11
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\tLf6_R8gXIDgGcmGELf.ppt.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\tLf6_R8gXIDgGcmGELf.ppt (Dropped File)
Mime Type	application/CDFV2
File Size	51.77 KB
MD5	dd1ca903c6655b725e546d3b670ba3be
SHA1	c74f8193fbb3a926ae99d5c6a7b8a29ff4619526
SHA256	34f6fbe19df3c4d58bd1a05e849c7d4ade73a5ac89f318814d4784c2595546ca
SSDeep	1536:uOiADQ7s4HxNVGpkDmWPWan1gQ0ko503zO:NS7pxDE1eWaSXWzO
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\tLf6_R8gXIDgGcmGELf.ppt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	03126a0ba21da31c957c9eed865163e1
SHA1	47640f3914c5797fb0b6806ced46406e925dc526
SHA256	79eb5309c003ec6d3dabe1c85f98e5dfd49df243007b0195464338f73034026b
SSDeep	48:rdp4NblKGdeaMc6Iz2eGHxuiSyJpSn2+SF+Df1:rT4NblKG0a3Z2RkPwzMDf1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\tUha-VwhdFD.docx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\tUha-VwhdFD.docx (Dropped File)
Mime Type	application/zip
File Size	68.17 KB
MD5	d6fcb19cdf4be2164c3d7577ae7d6920
SHA1	b19b84857668f9096aaf5a30a8102bbb8da44b80
SHA256	348e3c3062dfbdef00d9474350f7f86aa9f88949fc2de6f02e2e9176f554640e
SSDeep	1536:5u31M2Hn36hSWtz4JtIFIoa9GLC0Ulg+CQ7oxDcRlEvn6SY:I31Mi4SWteWLa9F0UlgSRlEvfY
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\wcrT-HU6VSvB0Tq.swf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7743e114b24c493c20d4253d27579fbe
SHA1	9d2078b87638b2f4edc7f52764ca6fd459034a47
SHA256	9b04b037afbf848d134d92c2c829d142b11d1b372f356dfc83ba87ab167f3186
SSDeep	48:rdp40B9IhgSW4Gvr59mG+J2S3a3t0T/11:rT4AItduh+IIaOT11
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\tUha-VwhdFD.docx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	db3b86898bf5f5afad56609964263347
SHA1	9bbbd21ddc2cdfed9a1a581472dae200c3b06e23
SHA256	86bc4f4bdc2dd00fa75f1f22a21d2ba7d80e143aa5e119cf4f985c0f9632f275
SSDeep	48:rdp4+Q+jcnhd7LIZCNb5jGjFq4/Lk0Mo4CKj/qo1:rT4+Q+jcnhl1NboFbjKbqo1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\WHk1aSv.ppt.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\WHk1aSv.ppt (Dropped File)
Mime Type	application/CDFV2
File Size	81.98 KB
MD5	0f36f5c81d066e8e7abfa84ee57af88a
SHA1	d386aa3be05924c3e625223bfc8b9aa852d0df4e
SHA256	4f0c8a9937c02beefff3bc4759dba21fb420f24fb3a0691258911a8f7f3eb494
SSDeep	1536:GvQNndD8RmGgwr8ESq96BdThOqwooaiEHs9N7AtDHsckDpSf:GWPGvwXTYkM9Nkjk4f
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\y6RqMI.wav.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	a2316167f75f02b7dfbbd22d91cf0b77
SHA1	df728afc164be9edd48a7790fc664aa45cf4813a
SHA256	dba836868d8e9566d33ae59887b8d083899c5188a51a13bdee7342a27723d5c5
SSDeep	48:rdp4oe6rQWQf+UhB3o8rU9HDSMsE8PJPe1:rT47H3OHDS2QG1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\z-T TKpZk4m9HLS1_J.gif.bbawasted

Dropped File

Image

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Desktop\z-T TKpZk4m9HLS1_J.gif (Dropped File)
Mime Type	image/gif
File Size	91.64 KB
MD5	14de1eeb774608fda97df46792c0b11e
SHA1	649cc1d9c9997051c345efe2af2ad9e7a349a687
SHA256	65aca35f2a5a35c861261ab59425f752eacadff2de4ff0d2f54608c0e51e890f
SSDeep	1536:3woxHIvMCK19+xHbZ67DDQBgLFKlOYkEy0JqtJgKbv1DHFy3gZEkoWx:3woxSMR19+LEDQBgLFKgEyhFblHsxWx
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\WHk1aSv.ppt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	355faea3b2893e20b93c33205a424ecb
SHA1	f5efc80291e3d0c077dc373c23d79b8c61f2db66
SHA256	b5bcad891fdffc3a147a3d4118f70326cfa005a5f8ab513685d8dce5b570e56d
SSDeep	24:QG/zkQ40TUauNN2X01k12Mp7X/nU3qLdOY0zNS0ln5kqgKZN2rQ7uxEzUX9DTMou:rdp4e1BP0l5cXrXVMA2vjR1
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\z-T TKpZk4m9HLS1_J.gif.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	6bc57c5dbab547e466ddd45ec47ccd19
SHA1	d70264bd8ab29cca53e8cc8974ae812a581a7ae0
SHA256	3105c8be49324e0c41f89cb10556d893a985fd930ecb8c91dc7afd7164739818
SSDeep	48:rdp4ljSPvtBLESiUbPgfS2dGYFhylkA891:rT4IPvTtiuPgpFhylQ1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\3aNVMkiEo0kkEsOC_.pptx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\3aNVMkiEo0kkEsOC_.pptx (Dropped File)
Mime Type	application/zip
File Size	31.11 KB
MD5	b80f7110cda8b5c88d6fa7237cc991b2
SHA1	c95c72ed2b30b36c2860b35ef68a20a41d3cb4ca
SHA256	d131db29fbf7e88d7a97338da14c759cfb1dcff9db503fdfa763ac33be42f8c3
SSDeep	384:Qnf7sQqoLdtSZZztoIstJVJ3LMGjTqzCcNIwHgmSUCi3dDHraUQnnB8u5kcAx1eD:2f4ojrttJVJg5avmvJtuUQnnLCVq
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\3aNVMkiEo0kkEsOC_.pptx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	af3571a10f4b6764f8c389a74669b93f
SHA1	1b979bd5ab69b210bdb5428f2777d828d865bc8c
SHA256	4c33c85f9a1053c311d8f24540b07c58574ddea95459419b2a3d0d10c773da4f
SSDeep	48:rdp4kJcfe5/gOHK2I7YvZxNTl8KY2CfyRjv1:rT4kSfeRrU8n5YjyRjv1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\3xjI6p2E0wKzgqkV.ods.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\3xjI6p2E0wKzgqkV.ods (Dropped File)
Mime Type	application/zip
File Size	83.96 KB
MD5	39f4b01c526a07b999d3a22558362316
SHA1	4f2f1e676704ca0a79d21c9af61de7788af32d8c
SHA256	c755daaadb44dd3b52b55d65d74ee81789f9e867dc20756723b41bcae0a785ec
SSDeep	1536:i7YLeUQ7pTMECBSAUGxqZOlsSuP1+hyjTtboftMkP7gminRQGlXTPi25lcdyBMvw:i7YtQ7Vp2HUZIuP1+hWSVMi4QGljNlci
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\4 cPG5zOtDV.docx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\4 cPG5zOtDV.docx (Dropped File)
Mime Type	application/zip
File Size	34.49 KB
MD5	53ad4c875cac487fb21d1893a0edfbc2
SHA1	38ee805a83e407105c5b593ed4a0df2b37689d2d
SHA256	153d184eac7a741a9242c7b7be76dc60ec0d77958aae08fdedd13a10cfac4237
SSDeep	768:MK1Es6CCeB8gKgEypFbPVX0KM9/Nne5+XxuJn5739:MCE/CCvm/POKMJBe8ad39
ImpHash	-

\\?\C:\Users\FD1HVy\Desktop\zo_QeWnuo2.jpg.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	513c99c4c7ee2d1dc636be22c8f4e58b
SHA1	a003c73e30179f21c097c86e75321b4894a68253
SHA256	49ba94930d54991daea9dc9017187add932149d65dcb1016b9008d9632fcaa4c
SSDeep	48:rdp4eRYGAoZRE4iuRviUMFhOor/+V4WGaR9KHw1:rT4+JhXjJSKor/o31
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\476iG93Vi.ppt.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\476iG93Vi.ppt (Dropped File)
Mime Type	application/CDFV2
File Size	5.54 KB
MD5	52b070ee2ad1e0b88eccfaf6f05b3fb6
SHA1	dfdaf32dffea1aee6fbc983c591d4a547c666191
SHA256	3c30320d2644ada920f4cc48682b2fbd4fec218d3828d5df597bc45bef187d04
SSDeep	96:NGhWqlryFao4+k3ZZCtUo0elj0vVBVXz30CD8Qdv3K19h734Gj9oAv1j:EgqBY45JYtEXzzTdv3E9hUGHh
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\476iG93Vi.ppt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	3c634611731cda0b6404b0b89af78391
SHA1	ad0839acd3440a9608eb50495275a7e460a9615f
SHA256	86faf2fe55d834761d430e89ff65935e81e31c0497a5c6cb3fe7bf85fc4ce574
SSDeep	48:rdp4+KWpAi5u2ByP5a5lBdEraqqG+Tvh2V1:rT4jWqi5u2B4A5hE1jn1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\4 cPG5zOtDV.docx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8bc63edf2b096cc37fc6b53c4847bf98
SHA1	ed5abfe51fb2c775ddbdba60aa9b14f154803d4a
SHA256	2ec15fa00f04b58b108961adc0b4be79eaf0e36aa2962d3c39087ce5fe783a40
SSDeep	48:rdp4cdg6MbnY0NJ9h5FUyCLLh5V5sMbbSd1:rT4J6MrBJz5FUyULhL53bud1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\4fN5SD.pdf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	18221ba9c842f8d8e195fff5a89a66da
SHA1	e847550bbfdf6d7354e15b3ab1c85ce909fb6bcf
SHA256	5be97c4f7e383788fe4d7d3419f26da2d86241345658cc0266e8f7474021485d
SSDeep	48:rdp4sRf4K/Phjgl9QFfQuVi45pHe5/0GM81:rT4o3uQVs5/7n1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\4bZG9nnAFK V9iapNmDo.docx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	bc4061351398852aa4e375ee18bd0615
SHA1	ce605d0fc7ef32b9969e19cdf30b68526cf4dcfc
SHA256	9293c0a9af7a86172248517ba4f0225f88516a596d84177fa8ac84e7f19af1d4
SSDeep	48:rdp4B2+WuKo/qkwRQC21Yk2mLqrEZptOH36C1:rT4B2+Eo/NUk2AqrEZTOR1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\5sPV_sRBv-RXg iHTC0.xlsx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\5sPV_sRBv-RXg iHTC0.xlsx (Dropped File)
Mime Type	application/zip
File Size	24.42 KB
MD5	410aec07d04337673e77bd9f19f83ca5
SHA1	b1a2708e6f2dca3b1fca5acb9b8d13180af18bcf
SHA256	8cabd66dffa3aa48cffd99284fca1e9cebb3b321e452256e4cb9dbe5cc92518b
SSDeep	768:hZK+djPsXkrUyCFd+4JnNX3pENHUsPZZXm:1PsXeUyM+QF5EN9TW
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\51mXRb3inE1OoIv4siQ.docx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	1d873c5afd94ad29376286d518bc62ec
SHA1	4587d700f04c5ba3de57d21f7fb5d52f889d236e
SHA256	1c909aafa889aa24d83919cd9bd33e6d82d5d5748ef4342cb6d3670f96876fe2
SSDeep	48:rdp4Do2/w7+fiYmW3ve2y5WR2TGc26vAXa5H1:rT4UI7G+vwU2Tx26IXa5H1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\5sPV_sRBv-RXg iHTC0.xlsx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	b536cf778179321c005cbf4f8b421735
SHA1	0975a00f43510fbc74d505b91a08ea20398e4c5e
SHA256	8e28022c9f9e884f70818b5e6c9c8505d288b974448ba3606e6e64856e4eed24
SSDeep	48:rdp4vaOB96e+I2i6ltJZyUAT8sl6uzPn1:rT4796e+IL6lDva1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Ac27.ods.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\Ac27.ods (Dropped File)
Mime Type	application/zip
File Size	54.21 KB
MD5	514b99473395c6398f21c28ab895a08e
SHA1	f250463c1d350471a8ac8af5e66bad17c6ffa48c
SHA256	8aeb5d01d9d98d168047127ef12115340bb0e0595e1da6c15e39370c0fc42838
SSDeep	768:M5SSUMLolh0WNKPwGFd3/hSJ88T1UVh4dmdWboqj+f6P4laY5AImRhsnU2Xx4kxF:+fclh0YK4GL3/Mmf4gdpc+flmP0dF
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\aOsMH3SFL_.odp.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\aOsMH3SFL_.odp (Dropped File)
Mime Type	application/zip
File Size	90.35 KB
MD5	8105cba9754a9c455a799ab7f6188f3a
SHA1	614e1e3db633c2c6ae735779e957f6327bd52fb1
SHA256	2024352a4c4be855e27c81e05ae532a917f528687bdf8fb962df606f147fbd23
SSDeep	1536:9mG7Xu9FC+YOrQpUUarPJ/ZHOfddBA7XY33ALR9Q4aBa7r8+1fkSrTNztBQlMg:P7Xu9AVUUyPhZHOVQI33g9Q4aszMSrTC
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\aOsMH3SFL_.odp.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	fdcba5797c854bffb1e394ba76df6dda
SHA1	96120a7592065771085bd20423552f5a89b50816
SHA256	d91e7d594bad63ebd20566920ab086e8987dbcfd52535926b1964e4a7e337cd0
SSDeep	48:rdp4IM8tfVSJzgXbKjCOVZ0bil6MrKMmlq021:rT4IM8tfkAWjx6ilSUT1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\B9YL08hWdEn.odt.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\B9YL08hWdEn.odt (Dropped File)
Mime Type	application/zip
File Size	39.73 KB
MD5	9c28acc522772deaba0232010e02e41e
SHA1	bbfb28652c95d544e18d0d1e15e03be22fb89d2d
SHA256	ea4ab4a6c527241082eabb234d26fbf95143cb5b75ac4a173fe98542142b0b66
SSDeep	768:dsAxRXmPKLNkgdysj9dNkVEMtpSxxsrmSOJyoavxKKwM9Y9tHhmKR:P7LSkZNk5Mxxsr+WMvCmH0KR
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\E5MbZmyFdrzPsJX.ppt.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\E5MbZmyFdrzPsJX.ppt (Dropped File)
Mime Type	application/CDFV2
File Size	75.89 KB
MD5	e2ff665819da31bde9d130f886b7d3a0
SHA1	725297fb8cc3ce358d93dc7d3d175a2e13de4935
SHA256	828914734384724200fd7b6363395419fc2ae89c91b180a1b74e5e565d094884
SSDeep	1536:QVsqwuuruP1iWuniY5ld4DCeUVclAQLD6s1eS6kkdqvm/hCbS+qLfG9GRVWBU8KN:WJwuBiW2PdheUfQLD6Jlknvm/kHq7G9q
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\E5MbZmyFdrzPsJX.ppt.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8ed566924da90e126e51e8037214cc49
SHA1	2a2ec1a57dc17c8947a582cbe6dd09419a8fd348
SHA256	e02986498fa26cc45dc63ad721a38fdc06b9133b6c39a1c31527a9dfb3f56253
SSDeep	48:rdp45omJp+0lSyiKfqMQSGpXmJ1tlzwnUI1:rT4Y01iKf38XmJ1z4B1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Ihh5mnxu_Eje34 R8Df5.xlsx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\Ihh5mnxu_Eje34 R8Df5.xlsx (Dropped File)
Mime Type	application/zip
File Size	30.09 KB
MD5	59968a7dc06e61e2c74e9661734d3cf9
SHA1	52630264656fd1e988969e4ca6f96982657e3b5d
SHA256	940199f7d2cb9ac670a924feb28c61691632d1976fd245027cdfc81736eba59e
SSDeep	768:aT0rR2LREREcFnCIbFVIjzFv6ew9oBMB0//LS:aTlLREJFCI5VI9vfCxS//LS
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Ihh5mnxu_Eje34 R8Df5.xlsx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	089ad2933640e5cf39f38698a3f2aaaa
SHA1	2588384b60bb3badf10c88537cea78e8ffed75ee
SHA256	bfaa17f318033a515d3af41576abd8a364f5bb223c5ed61be4d4920c90624093
SSDeep	24:QG/zkQ40TUauNN2X01NPOzGMf5HjCSuMwZPzrAAm/lvRgXn1mQ5I7zZdT9G/2eiP:rdp4t6JjZwftm87mzH9G6wFVY1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\mLJcyJdURZqaA_atJ.pptx.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\mLJcyJdURZqaA_atJ.pptx (Dropped File)
Mime Type	application/zip
File Size	29.64 KB
MD5	6b92af10b57f1486233cdc16e4e287ac
SHA1	710ece2fc727a45cc17d50c03f80a392114a1046
SHA256	f55e486a94f080d614b713d9674f5a0fb3cdf3bf082f32973ae6ccfdf6a68af4
SSDeep	384:oWSNZnvxcYxM3znITUuHy47LKuc1rXwkWK7VY7dzUTvX6QtzWwcvYf4SqWMk+d1Z:ofNlxcM8znBwEjLVTvtlcpSMk+dFdb
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Database1.accdb.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	8f2e4de14c1b853c032f9a0bc49877ca
SHA1	99887c1810acc3bc090cc5107d65e2e4e14a2832
SHA256	35c936fc1a3dde8b919e3c76aa8bff59c813364e1e6c11e459a0812053fa7204
SSDeep	48:rdp4QpC1OlRtrjMAvnlDp3QBEamxaZn2kbbWg1:rT4QpzRtrjMwlvaZDbbWg1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\nSJTKr.pps.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\nSJTKr.pps (Dropped File)
Mime Type	application/CDFV2
File Size	30.20 KB
MD5	5fb3b800dcdeeac2279ed08b3d3296cd
SHA1	2160aa2b43c9f2c487008ab8e1fe407ca8ab3316
SHA256	c5cc1268eb05f9a00c0fe5fb44faddba7fbcc1203fccdede1c5bfa9de98b1a3a
SSDeep	768:deuNVFYu+aV/BuLjU/v2p9zDbMrznIOtQTqlO6NxsYFd:hlx4avw63xQTqlrNPd
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\mLJcyJdURZqaA_atJ.pptx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	7b5578ea2639f6214e36b4d6b02907d1
SHA1	a2ef4af06f94bb9eb5f9e6e286e410538f58b427
SHA256	69a6f61095e0b4142faced2b255b5b3e4790a5a9db3173dd65bcdea6c14f80c0
SSDeep	48:rdp4cuWBf7t9mFSwMYzzf0LKTOmd6r9U2uV1:rT4cuMsFSwMkBPwyF1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Outlook Files\kkcie@kdj.kd.pst.bbawasted

Dropped File

Stream

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\Outlook Files\kkcie@kdj.kd.pst (Dropped File)
Mime Type	application/octet-stream
File Size	265.00 KB
MD5	7e146295871ce4213a997522488339a2
SHA1	41a0abfe293a5ce0443e267a92017ecd8c85e308
SHA256	d9bba7db14e3020366857a3ffe5ccfe77c72d7e7fcab96fba6fac57c06b3d76b
SSDeep	768:IQWhCpDAaCye/gevjyFFiJDPpTTn6g//xZIc4wCGmlWCQ0UKiFiKPwa:akADyq6G/xZmll5i
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\-Y7HmEl9.odt.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\-Y7HmEl9.odt (Dropped File)
Mime Type	application/zip
File Size	91.94 KB
MD5	f821ebac1fb709d700045634af72bd6d
SHA1	7d0281673ebfd221b0810fcc530efb110339c434
SHA256	f235e0f0a35416fb8ef319b7e6e9ae2a3de079c669ba55c108b4355a5cde5b8c
SSDeep	1536:tE3ceg/T4zUwKw6rEOR1N5xVyQZeM4/GUTQb0Y2BARbliF1mX15GkCE9qLXmMqTa:SMeCIJ6rr1N5jybM4VTYJlinmX15z9UD
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\Outlook Files\kkcie@kdj.kd.pst.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	77dc0e2e0f8cc6b6621c6d3ee6dce32f
SHA1	6b7ee0360581fdd5badb7d873581805735f66294
SHA256	93e5bf68a94cfff8be5d9c147fcdf4591061bfe64089a834cd027a8e8f313076
SSDeep	48:rdp4uUI1ZaGroAUexdO6Ys3IUolcssxVNSHL3iyeVu1:rT4uUUazAUeK6Ys3cH+SOs1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\8Br7zFnysp5NoirG.doc.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\8Br7zFnysp5NoirG.doc (Dropped File)
Mime Type	application/CDFV2
File Size	62.83 KB
MD5	4e9452daf119138a15ae1679032086e1
SHA1	423936dbbe28e70108d580aff5b16a65f5f58eed
SHA256	46ffab07ddf10594c53420281ada6bf4d3ea34cbe3eff9b28aaa8c71af09c94e
SSDeep	1536:H3E8dfOhEOId9OpiGxEhGS79jK+n0kw1M9ViaW69uOT:H3pdu6YpB8T7pkkCFUT
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\8Br7zFnysp5NoirG.doc.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	f6f6eb0fe1297c70c0d7ea16a68a86a8
SHA1	211bc9dcc22e3e4d1faeaf298a76599799d20b70
SHA256	3a5d00814025d5724a6e1dacdf690c05e622b6a17683bf3c18ea14976b6e4a99
SSDeep	24:QG/zkQ40TUauNN2X01uK8sn4At6AoDdKSPfOTMW4uThUYYmi64udWmCas7+hXhrY:rdp4HdPEXDFOTJ+Ysi0mCalX9O8vNmf1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\ER_dhIGLBq63mdI.xls.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	9d3807f379852299618011d5674e3c3a
SHA1	754b9babaadab6e32de6049dbed37a5816600740
SHA256	bd94f46941ec6470c800a5a4f987143a93a34d1825cdfd028fc6eede5ce4dfbe
SSDeep	48:rdp4WCSQS5LLweIhkGOwtJeylnRpCQga1:rT4hS1epOwtb1PN1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\HpkeD-g.rtf.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	e7e7966c1fd8c935773cc824f7ac93da
SHA1	380c9c8cad1bb18ad6fe5998404985cb80f66ddd
SHA256	084a385ca1d432facfd6ce5ecdd41bc3632764d5347a78cdee5dbd2a57f58264
SSDeep	48:rdp4tu4GMyxxHxd7ZBRO4rHztuTVm3/Gl1:rT4t2MCd7ZHOOHzt0Vm3el1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\lHo7xWMr0pNW-BrSYr.pptx.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	04ea5ab3f606f8a7eca51af7a68945c9
SHA1	576a0736ef4e42506902ea4f4d8b9b8ad6b4ef7c
SHA256	efbbd8b3f9e1865bcd76c0bcba2fa741c87037ed6c636612a77eb9107e0c3cb2
SSDeep	48:rdp4S8SKc4nvrawh1Aje8iwyLPPwecuVPoBgd9W1:rT47Trawha5ePY+POiW1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\LyOD95ME.doc.bbawasted

Dropped File

Unknown

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\LyOD95ME.doc (Dropped File)
Mime Type	application/CDFV2
File Size	43.56 KB
MD5	a6f60d490a372dfdba8a257b8b5e5a59
SHA1	aeedc365d544fabc91f4e356be1226a43fad6cc1
SHA256	63c3bdb987a70561a46d91ffa2b70eaf2ea6464685839d9355332cdfdc811e01
SSDeep	768:r3vn7v2EwD8DJbDq62eyGWJqI/3jbcQIM5tIT604B9RKeeRhq1j6csycK0Rs:r/nqEGobD0ey4QXcQIQ06brRKeeRU2cb
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\oCsdDdEd.ots.bbawasted

Dropped File

ZIP

Not Queried

»

Also Known As	\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\oCsdDdEd.ots (Dropped File)
Mime Type	application/zip
File Size	17.41 KB
MD5	54adb1cc2fea63f8914d9aac092d614d
SHA1	3c6cd7f204a32fe79cdb7e39cc3f099d07a0cceb
SHA256	440f8e6026d12a8b07715854f92056e3f3746c154087a5e9dcd994e93d05c17a
SSDeep	384:LQNcCN23E/QisffI4sIZo2sv1CdwHWJaai:LQNXNcE4DI4sIZonv1C62Jli
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\oCsdDdEd.ots.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	343b310f95c49c750c7958aabc3b924b
SHA1	865049413a87791e57104fee7a1a86a81a572fc9
SHA256	a33f38832011ccf1b34f7a2840fe2cd67bdee5a8ef4f3e8d9793450d930f0f72
SSDeep	48:rdp41YQ033x1km+D4dH96DuvM5RtEYRVm+l2eZ4T1:rT41Yx33x4D4pvM5LHQ+l2eZ4T1
ImpHash	-

\\?\C:\Users\FD1HVy\Documents\pH3m\GExVJ7vWUebr\LyOD95ME.doc.bbawasted_info

Dropped File

Text

Not Queried

»

Mime Type	text/plain
File Size	1.92 KB
MD5	ad54ab2d54fe879a874af1388d6f2a6b
SHA1	aaa4c9ed0814ea5e5799d725bd59356ad5c6ae6c
SHA256	7631505d5aadaf09f26a36983babb067efed90b5b87f7d259ffddccc29c99d91
SSDeep	48:rdp4zPExgxWnHtPaTK1PEDa1aMudJgh4ilmCGCacFocM1:rT4igxWn1lgpilmCzacY1
ImpHash	-

Remarks

There are no files for this filter

There are no files in this analysis

WHOIS Domain Information

Before

After