Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpSigStub.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MsMpEng.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\download\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe@cacheHostOrigin=au.download.windowsupdate.com
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER412E.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER416D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Catalogs\igd.cat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ConfigSecurityPolicy.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\DefenderCSP.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\DlpUserAgent.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Drivers\WdBoot.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Drivers\WdDevFlt.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Drivers\WdFilter.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Drivers\WdNisDrv.sys
|
PE32+ executable (native) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Antimalware-AMFilter.man
|
XML 1.0 document, ASCII text, with very long lines (402), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Antimalware-NIS.man
|
XML 1.0 document, ASCII text, with very long lines (310), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Antimalware-Protection.man
|
XML 1.0 document, ASCII text, with very long lines (335), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Antimalware-RTP.man
|
XML 1.0 document, ASCII text, with very long lines (308), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Antimalware-Service.man
|
XML 1.0 document, ASCII text, with very long lines (320), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Microsoft-Windows-Windows Defender.man
|
XML 1.0 document, ASCII text, with very long lines (374), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpAsDesc.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpAzSubmit.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpClient.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpCmdRun.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpCommu.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpCopyAccelerator.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDefenderCoreService.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDetours.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDetoursCopyAccelerator.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDlp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDlpCmd.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpDlpService.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpEvMsg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpOAV.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpRecovery.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpRtp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpSenseComm.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpSvc.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpUpdate.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpUxAgent.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MsMpLics.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\NisSrv.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\NpRep.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\Defender.psd1
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\DefenderPerformance.psd1
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpBehavioralNetworkBlockingRules.cdxml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpComputerStatus.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpPerformanceRecording.psm1
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpPerformanceRecording.wprp
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpPerformanceReport.Format.ps1xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpPreference.cdxml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpRollback.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpScan.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpSignature.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpThreat.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpThreatCatalog.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpThreatDetection.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\Powershell\MSFT_MpWDOScan.cdxml
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ProtectionManagement.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ProtectionManagement.mof
|
C source, Unicode text, UTF-16, little-endian text, with very long lines (6562), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ProtectionManagement_uninstall.mof
|
C source, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ThirdPartyNotices.txt
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\af-ZA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\am-ET\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ar-SA\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ar-SA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\as-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\az-Latn-AZ\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\bg-BG\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\bg-BG\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\bn-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\bs-Latn-BA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ca-ES-valencia\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ca-ES\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ca-ES\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\com.microsoft.defender.be.chrome.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\com.microsoft.defender.be.firefox.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\cs-CZ\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\cs-CZ\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\cs-CZ\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\cy-GB\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\da-DK\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\da-DK\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\da-DK\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\de-DE\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\de-DE\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\de-DE\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\de-DE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\el-GR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\el-GR\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\el-GR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-GB\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-GB\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-US\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-US\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-US\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\en-US\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\endpointdlp.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-ES\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-ES\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-ES\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-ES\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-MX\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\es-MX\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\et-EE\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\et-EE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\eu-ES\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fa-IR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fi-FI\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fi-FI\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fi-FI\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fil-PH\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-CA\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-CA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-FR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-FR\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-FR\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\fr-FR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ga-IE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\gd-GB\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\gl-ES\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\gu-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\he-IL\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\he-IL\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hi-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hr-HR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hr-HR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hu-HU\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hu-HU\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\hu-HU\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\id-ID\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\id-ID\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\is-IS\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\it-IT\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\it-IT\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\it-IT\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\it-IT\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ja-JP\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ja-JP\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ja-JP\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ja-JP\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ka-GE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\kk-KZ\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\km-KH\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\kn-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ko-KR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ko-KR\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ko-KR\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ko-KR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\kok-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lb-LU\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lo-LA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lt-LT\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lt-LT\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lv-LV\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\lv-LV\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\mi-NZ\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\mk-MK\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ml-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\mpextms.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\mr-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ms-MY\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\mt-MT\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nb-NO\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nb-NO\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nb-NO\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ne-NP\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nl-NL\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nl-NL\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nl-NL\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\nn-NO\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\or-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pa-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pl-PL\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pl-PL\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pl-PL\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-BR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-BR\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-BR\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-BR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-PT\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-PT\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\pt-PT\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\quz-PE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ro-RO\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ro-RO\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ru-RU\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ru-RU\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ru-RU\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ru-RU\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sk-SK\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sk-SK\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sl-SI\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sl-SI\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sq-AL\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sr-Cyrl-BA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sr-Cyrl-RS\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sr-Latn-RS\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sr-Latn-RS\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sv-SE\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sv-SE\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\sv-SE\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ta-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\te-IN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\th-TH\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\th-TH\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\tr-TR\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\tr-TR\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\tr-TR\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\tt-RU\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ug-CN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\uk-UA\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\uk-UA\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\ur-PK\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\vi-VN\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\vi-VN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpAsDesc.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpClient.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpCmdRun.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpCopyAccelerator.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpDetours.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpDetoursCopyAccelerator.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MpOAV.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\MsMpLics.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\en-US\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\x86\endpointdlp.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-CN\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-CN\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-CN\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-CN\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-TW\MpAsDesc.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-TW\MpEvMsg.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-TW\ProtectionManagement.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\zh-TW\mpuxagent.dll.mui
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8CFD2A0F-BA71-4E4B-9DE5-334180AA88C2MPTelemetrySubmit\client_manifest.txt
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8CFD2A0F-BA71-4E4B-9DE5-334180AA88C2MPTelemetrySubmit\watson_manifest.txt
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Desktop\cmdline.out
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\Temp\MpSigStub.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 229 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\wget.exe
|
wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0
(Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com"
|
|
|
|
C:\Users\user\Desktop\download\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe@cacheHostOrigin=au.download.windowsupdate.com.exe
|
"C:\Users\user\Desktop\download\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe@cacheHostOrigin=au.download.windowsupdate.com.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpSigStub.exe
|
C:\Users\user~1\AppData\Local\Temp\50F419BB-3EF6-49AF-A8DA-42C49AEDEDF6\MpSigStub.exe /stub 1.1.24010.2001 /payload 4.18.24090.11
/program C:\Users\user\Desktop\download\updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe@cacheHostOrigin=au.download.windowsupdate.com.exe
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition
--user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com"
> cmdline.out 2>&1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e56b8ed00da6dac55a3c4cbf8c20.exe?cacheHostOrigin=au.download.windowsupdate.com
|
|
||
|
https://github.com/Azure/azure-storage-cpp)
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://74.248.121.8/d/msdownload/update/software/defu/2024/10/updateplatform.amd64fre_d3f6f8300855e5
|
unknown
|
||
|
https://collector.azure.microsoft.scloud/OneCollector/1.0/
|
unknown
|
||
|
https://github.com/Microsoft/cpprestsdk)
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
unknown
|
||
|
https://github.com/open-source-parsers/jsoncpp.git)
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
|
unknown
|
||
|
https://config.edge.skype.net/config/v1/
|
unknown
|
||
|
https://aka.ms/FileIndicatorSupportuxUrluxBodyuxIdjitTitlejitBodybodyimageherosrcbinding%hs/toast/ac
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
74.248.121.8
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MpSigStub
|
LastStartTime
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
ProgramId
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
FileId
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
LongPathHash
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Name
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
OriginalFileName
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Publisher
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Version
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
BinFileVersion
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
BinaryType
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
ProductName
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
ProductVersion
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
LinkDate
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
BinProductVersion
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Size
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Language
|
||
|
\REGISTRY\A\{55657bfa-d164-0e0d-5aba-ad64deb5acc6}\Root\InventoryApplicationFile\mpsigstub.exe|22a0619fda629b14
|
Usn
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MpSigStub
|
LastStartTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MpSigStub
|
LastExitCode
|
There are 12 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
7FF78D581000
|
unkown
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
15D0E540000
|
heap
|
page read and write
|
||
|
15D0E689000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
2191566C000
|
heap
|
page read and write
|
||
|
219156FF000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
21915731000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
7FF78DF84000
|
unkown
|
page readonly
|
||
|
21915678000
|
heap
|
page read and write
|
||
|
21917658000
|
heap
|
page read and write
|
||
|
15D0E65B000
|
heap
|
page read and write
|
||
|
219156E5000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
7FF78D541000
|
unkown
|
page execute read
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
7FF78D541000
|
unkown
|
page execute read
|
||
|
21915674000
|
heap
|
page read and write
|
||
|
219156A7000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
7FF78D581000
|
unkown
|
page write copy
|
||
|
2191765F000
|
heap
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
2191571C000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
15D0E5F0000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
21915684000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
7FF71B720000
|
unkown
|
page readonly
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
96A34FE000
|
stack
|
page read and write
|
||
|
15D0E668000
|
heap
|
page read and write
|
||
|
21915885000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E66D000
|
heap
|
page read and write
|
||
|
21915675000
|
heap
|
page read and write
|
||
|
96A35FB000
|
stack
|
page read and write
|
||
|
219156B0000
|
heap
|
page read and write
|
||
|
2191763B000
|
heap
|
page read and write
|
||
|
21917620000
|
heap
|
page read and write
|
||
|
21915640000
|
heap
|
page read and write
|
||
|
219156B1000
|
heap
|
page read and write
|
||
|
15D0E660000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
7201DE000
|
stack
|
page read and write
|
||
|
21915689000
|
heap
|
page read and write
|
||
|
15D0E646000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
2191765B000
|
heap
|
page read and write
|
||
|
96A38FE000
|
stack
|
page read and write
|
||
|
219156E3000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E580000
|
trusted library allocation
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
14E000
|
stack
|
page read and write
|
||
|
15D0E652000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
96A387E000
|
unkown
|
page readonly
|
||
|
219156AE000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
15D0E639000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E678000
|
heap
|
page read and write
|
||
|
15D0E460000
|
heap
|
page read and write
|
||
|
21915733000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
21915674000
|
heap
|
page read and write
|
||
|
96A317E000
|
unkown
|
page readonly
|
||
|
219156DF000
|
heap
|
page read and write
|
||
|
21915683000
|
heap
|
page read and write
|
||
|
21915678000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
2191567E000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
15D0E66F000
|
heap
|
page read and write
|
||
|
15D0E665000
|
heap
|
page read and write
|
||
|
2191567B000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
15D0E67C000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
96A327E000
|
unkown
|
page readonly
|
||
|
2191570B000
|
heap
|
page read and write
|
||
|
18E000
|
stack
|
page read and write
|
||
|
2191568C000
|
heap
|
page read and write
|
||
|
219156CB000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
96A367E000
|
unkown
|
page readonly
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E661000
|
heap
|
page read and write
|
||
|
15D0E560000
|
heap
|
page read and write
|
||
|
96A337E000
|
unkown
|
page readonly
|
||
|
7FF71B7D1000
|
unkown
|
page readonly
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
21915669000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E67C000
|
heap
|
page read and write
|
||
|
21915674000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
96A307E000
|
unkown
|
page readonly
|
||
|
219156EC000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E677000
|
heap
|
page read and write
|
||
|
7FF71B720000
|
unkown
|
page readonly
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
7FF78D584000
|
unkown
|
page readonly
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E65F000
|
heap
|
page read and write
|
||
|
96A37FC000
|
stack
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E66C000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E661000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
15D0E67C000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E666000
|
heap
|
page read and write
|
||
|
7FF78D540000
|
unkown
|
page readonly
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
21915667000
|
heap
|
page read and write
|
||
|
219156BD000
|
heap
|
page read and write
|
||
|
2191571C000
|
heap
|
page read and write
|
||
|
15D0E668000
|
heap
|
page read and write
|
||
|
15D0E664000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
21915760000
|
heap
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
21915731000
|
heap
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
2191566F000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
7FF78DF84000
|
unkown
|
page readonly
|
||
|
103F000
|
stack
|
page read and write
|
||
|
2191568B000
|
heap
|
page read and write
|
||
|
21915731000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
21917370000
|
heap
|
page read and write
|
||
|
15D0E67F000
|
heap
|
page read and write
|
||
|
21915680000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
7FF71B7F5000
|
unkown
|
page write copy
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
219156EA000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
96A347E000
|
unkown
|
page readonly
|
||
|
2191571C000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
21915673000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
21915690000
|
heap
|
page read and write
|
||
|
219157E0000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
7204FF000
|
stack
|
page read and write
|
||
|
219156C3000
|
heap
|
page read and write
|
||
|
96A32FE000
|
stack
|
page read and write
|
||
|
15D0E67E000
|
heap
|
page read and write
|
||
|
7FF78D571000
|
unkown
|
page readonly
|
||
|
219156FF000
|
heap
|
page read and write
|
||
|
15D0E65D000
|
heap
|
page read and write
|
||
|
21915880000
|
heap
|
page read and write
|
||
|
7FF71B7F5000
|
unkown
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
2191570B000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
21917659000
|
heap
|
page read and write
|
||
|
219156B5000
|
heap
|
page read and write
|
||
|
21917470000
|
heap
|
page read and write
|
||
|
21915840000
|
remote allocation
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
21915667000
|
heap
|
page read and write
|
||
|
219156B0000
|
heap
|
page read and write
|
||
|
7FF71B7F9000
|
unkown
|
page readonly
|
||
|
15D0E665000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
7200DC000
|
stack
|
page read and write
|
||
|
21915692000
|
heap
|
page read and write
|
||
|
21915630000
|
trusted library allocation
|
page read and write
|
||
|
96A30FE000
|
stack
|
page read and write
|
||
|
7FF78D571000
|
unkown
|
page readonly
|
||
|
219156AE000
|
heap
|
page read and write
|
||
|
7FF71B721000
|
unkown
|
page execute read
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
7FF78D540000
|
unkown
|
page readonly
|
||
|
21915668000
|
heap
|
page read and write
|
||
|
7FF71B7F9000
|
unkown
|
page readonly
|
||
|
15D0EA74000
|
heap
|
page read and write
|
||
|
7FF71B721000
|
unkown
|
page execute read
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
21915733000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
96A2C98000
|
stack
|
page read and write
|
||
|
219155F0000
|
heap
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
96A33FD000
|
stack
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E661000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
21915840000
|
remote allocation
|
page read and write
|
||
|
15D0E684000
|
heap
|
page read and write
|
||
|
15D0E661000
|
heap
|
page read and write
|
||
|
15D0E66D000
|
heap
|
page read and write
|
||
|
2191765F000
|
heap
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
15D0E661000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
219156E9000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
21915693000
|
heap
|
page read and write
|
||
|
2191568B000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
21915840000
|
remote allocation
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
15D0E673000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
96A31FE000
|
stack
|
page read and write
|
||
|
21915733000
|
heap
|
page read and write
|
||
|
96A2D9E000
|
stack
|
page read and write
|
||
|
15D0E630000
|
heap
|
page read and write
|
||
|
21915740000
|
trusted library allocation
|
page read and write
|
||
|
15D0E65F000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E66D000
|
heap
|
page read and write
|
||
|
219156E5000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
2191567D000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E66E000
|
heap
|
page read and write
|
||
|
21917656000
|
heap
|
page read and write
|
||
|
15D0E67F000
|
heap
|
page read and write
|
||
|
15D0E670000
|
heap
|
page read and write
|
||
|
15D0E645000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E660000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
21915510000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
7FF78D584000
|
unkown
|
page readonly
|
||
|
21915674000
|
heap
|
page read and write
|
||
|
15D0E675000
|
heap
|
page read and write
|
||
|
15D0E67C000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
21915672000
|
heap
|
page read and write
|
||
|
21915686000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
219156E9000
|
heap
|
page read and write
|
||
|
15D0E580000
|
trusted library allocation
|
page read and write
|
||
|
1B6000
|
heap
|
page read and write
|
||
|
219156BD000
|
heap
|
page read and write
|
||
|
15D0E66D000
|
heap
|
page read and write
|
||
|
15D0E663000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
15D0E65D000
|
heap
|
page read and write
|
||
|
7FF71B7D1000
|
unkown
|
page readonly
|
||
|
219156B0000
|
heap
|
page read and write
|
||
|
15D0E66D000
|
heap
|
page read and write
|
||
|
15D0E667000
|
heap
|
page read and write
|
||
|
15D0E662000
|
heap
|
page read and write
|
||
|
15D0E64A000
|
heap
|
page read and write
|
||
|
2191765B000
|
heap
|
page read and write
|
||
|
15D0E668000
|
heap
|
page read and write
|
||
|
219156FB000
|
heap
|
page read and write
|
||
|
21917630000
|
heap
|
page read and write
|
||
|
15D0E671000
|
heap
|
page read and write
|
||
|
21915667000
|
heap
|
page read and write
|
||
|
219157EB000
|
heap
|
page read and write
|
||
|
219156FB000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
15D0E676000
|
heap
|
page read and write
|
||
|
21915610000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
15D0E67F000
|
heap
|
page read and write
|
||
|
15D0E65D000
|
heap
|
page read and write
|
There are 309 hidden memdumps, click here to show them.